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THAT'S  WINDOWS  AZURE. 
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WINDOWS  AZURE  gives  you  the  ability  to  develop  and  run  applications  in 
the  cloud  with  virtually  unbounded  scalability.  That  means  near-infinite  capacity 
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infrastructures,  they're  blazing  new  trails  to  efficiency.  Our  Virtualization  Team  can  guide  you 
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Cloud  Storage 
A  Steep  Climb 

20  Organizations  in  industries  such  as  healthcare, 
finance,  manufacturing  and  media  are  as 
concerned  as  ever  about  data  security  and  privacy, 
but  they  aren’t  shying  away  from  cloud  storage. 
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online  and  then  retrieve  it 
from  the  same  device  decades 
later  would  amount  to  storage 
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may  be  more  than  a  dream. 


The  Clock  Is  Ticking  for  Encryption 

32  The  nature  of  cryptography  could  be  seriously  altered  by  the  arrival  of  quantum  computers 
in  20  years  -  which  is  right  around  the  corner  in  the  world  of  cybersecurity. 
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H  DATA  ANALYTICS 


Hadoop  Goes 
Mainstream 
For  Big  Bl  Tasks 


IT  GOVERNANCE 


Wanted:  Tech-Savvy  Board  of  Directors 


Corporate  efforts  to  glean  busi¬ 
ness  intelligence  from  the  massive 
volumes  of  data  generated  by  Web 
server  logs  and  social  media  have 
led  to  a  surge  of  interest  in  open- 
source  Hadoop  software. 

Hadoop  is  designed  to  process 
terabytes  and  even  petabytes  of 
unstructured  and  structured  data.  It 
breaks  large  workloads  into  smaller 
data  blocks  that  are  distributed 
across  a  cluster  of  commodity  hard¬ 
ware  for  faster  processing. 

The  technology  -  already  used  by 
Web  giants  such  as  Facebook,  eBay, 
Amazon  and  Yahoo  -  is  increasingly 
being  adopted  by  banking,  advertis¬ 
ing,  biotech  and  pharmaceutical 
companies,  said  Stephen  O’Grady, 
an  analyst  at  RedMonk. 

Tynt  Multimedia,  a  Web  analyt¬ 
ics  firm  that  collects  and  analyzes 
nearly  1TB  of  data  per  day,  switched 
to  Hadoop  about  18  months  ago 
when  its  MySQL  database  system 
began  collapsing  under  the  sheer 
volume  of  data  it  was  collecting, 
said  Cameron  Befus,  Tynt’s  vice 
president  of  engineering. 

Relational  database  systems  are 
good  at  data  retrieval  and  queries 
but  don’t  accept  new  data  quickly. 

“Hadoop  reverses 
that.  You  can  put 
data  into  Hadoop 
at  ridiculously 
fast  rates,"  Befus  said.  But  Hadoop 
requires  programming  tools  such  as 
Pig  or  Hive  to  write  SQL-like  queries 
to  retrieve  the  data. 

-  JAIKUMAR  VIJAYAN 


don’t  spend  enough  time  on  IT  oversight, 
perhaps  because  they  aren’t  comfortable 
with  technology,  according  to  the  report. 

The  board  of  directors  at  FedEx  is  one  of  the 
few  to  have  an  IT  oversight  subcommittee, 
noted  David  Zanca,  FedEx’s  senior  vice  presi¬ 
dent  of  IT,  at  Computerworld’s  recent  Premier 
100  IT  Leaders  conference. 

The  Deloitte  report  suggested  that  CIOs 
could  educate  their  boards  about  IT  strategy 
and  risks  —  using  business  lan¬ 
guage,  not  technical  jargon  —  at  a 
dinner  before  board  meetings. 

In  addition,  Deloitte  said  CIOs 
could  boost  the  technical  literacy  of  directors 
by  providing  a  secure  “board  portal”  or  dash¬ 
board  that  has  key  documents,  metrics  and 
data  analytics  to  support  decision-making. 

-  Mitch  Betts 


CORPORATE  BOARDS  OF  DIRECTORS 

should  devote  as  much  attention  to 
IT  matters  as  they  do  to  accounting 
rules,  but  they  rarely  do,  according 
to  a  report  released  earlier  this  month  by  the 
Deloitte  Center  for  Corporate  Governance. 

Today’s  companies  need  “tech-sawy 
directors”  who  can  make  sure  the  IT  strategy 
is  aligned  with  the  overall  strategic  plan,  as 
well  as  monitor  the  various  risks  associated 
with  IT,  the  report  said. 

“The  growing  complexity  and  pervasive¬ 
ness  of  IT  is  increasingly  making  IT  literacy 
an  essential  competency  for  directors,”  the 
Deloitte  Center  report  said.  Boards  should 
*ive  as  much  scrutiny  to  a  major  IT  project 
s  they  would  to  any  other  major  capital 
expenditure,  it  noted. 

But  most  directors  acknowledge  that  they 
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MANUFACTURER'S  RER  OR  SOFTWARE  DEVELOPER. 


THE  PERSON  WHO  BOUGHT  A  PRODUCT  FROM  KODAK  -  OR  CANON  OR  FUJITSU  OR 
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At  Kodak,  we  think  these  words  should  have  a  little  more  meaning  behind  them.  That's  why  Kodak 
Service  &  Support  provides  over  3,000  professionals  from  around  the  world  to  service  Kodak  Office 
Equipment  and  more  than  1,000  capture  and  storage  products  from  over  100  manufacturers.  It's  time, 
for  a  single,  reliable  source  and  one  number  to  call.  Coll  1.800.944.6171  or  visit  kodak.cdm/go/service  / 

©Kodak,  201 1  Kodak  is  a  trademark.  ‘  I 


!  HELP,  AS  IN  RENDER  ASSISTANCE,  SOLVE  THE  PROBLEM, 
_  NOT  SUGGEST  THAT  YOU  CALL.  SOMEONE  ELSE. 


HEADS  UP 


BETWEEN  THE  LINES 

By  John  Klossner 


MERGERS  &  ACQUISITIONS 

How  to  Integrate  a 

IT  SOUNDS  IMPOSSIBLY  FAST.  But 

$23  billion  electronic  components  dis¬ 
tributor  Avnet  can  usually  bring  acquired 
companies  into  the  fold  —  including  IT 
systems  —  within  90  days. 

Avnet  CIO  Steve  Phillips  explained  the 
process  at  Computer-world’s  Premier  100  IT 
Leaders  conference  this  month.  The  Fortune 
500  company  has  grown  via  numerous  acqui¬ 
sitions,  including  three  just  last  year. 

Phillips  said  Avnet  has  an  acquisitions 
playbook  —  actually  a  SharePoint  site  —  that 
serves  as  a  repository  of  everything  Avnet  has 
learned  through  more  than  60  acquisitions.  It 
includes  checklists,  processes  and  best  prac¬ 
tices  for  integrating  all  parts  of  the  business, 
with  a  particularly  thick  section  on  IT. 

The  CIO  urged  companies  to  “document 
your  tribal  knowledge”  and  be  sure  to  update 
the  playbook  after  each  deal. 

Phillips  said  Avnet  works  with  “deliberate 
speed”  because  a  drawn-out  process  is  a  major 
drag  on  employee  productivity  —  he  called  it  a 


Business  in  90  Days 

“deep  freeze”  —  and  Avnet  wants  to  minimize 
the  amount  of  time  the  two  companies  are 
operating  differently,  on  separate  IT  systems. 
Besides,  faster  integration  means  a  quicker 
payoff  from  the  acquisition,  he  said. 

A  key  element  of  Avnet ’s  M&A  strategy  is  to 
“ease  the  pain”  of  the  people  involved,  Phillips 
said.  “It’s  really  important  to  be  respectful 
and  humble”  when  communicating  with  the 
acquired  company’s  employees,  he  said.  They 
want  to  know,  “What’s  my  future?  Will  I  be 
with  this  company  or  not?” 

Avnet  determines  which  IT  employees  will 
be  in  the  “go-forward  organization”  and  which 
ones  will  be  in  the  “transition  organization” 
but  then  leave  once  the  integration  is  done. 

Ultimately,  “we  pick  the  best  of  the  best” 
systems,  applications,  processes  and  people, 
Phillips  said,  regardless  of  which  company 
they  come  from.  Phillips  himself  came  from 
Memec,  which  Avnet  acquired  in  April  2005. 
He  had  been  Memec’s  CIO. 

-  Mitch  Betts 
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Burst 


Market  researchers  say 
there  were  a  total  of 

7.9  billion 

downloads  from  all 
mobile  application  stores 
last  year. 

SOURCE.:  ABI  RESEARCH. 
SINGAPORE,  MARCH  2011 


MOBILE  &  WIRELESS 

iPad  Triggers 
Spending  for 
Wi-Fi  Networks 

The  rising  popularity  of  tablets  and 
smartphones  has  boosted  sales  of 
Wi-Fi  equipment  to  new  highs  as 
companies  upgrade  their  wireless 
networks,  analysts  reported  earlier 
this  month. 

Worldwide  sales  of  wireless  LAN 
equipment  rose  to  $769  million  in 
the  fourth  quarter  of  2010,  up  28% 
from  the  same  period  in  2009, 
according  to  Infonetics  Research. 
Research  firm  Dell’Oro  Group 
reported  that  for  the  full  year,  wire¬ 
less  network  revenue  jumped  25%, 
surpassing  $5  billion. 

The  wireless  LAN  market  has 
changed  more  in  the  past  six  months 
than  it  did  in  the  preceding  six  years, 
mostly  because  of  Apple’s  iPad,  said 
Roger  Hockaday,  a  marketing  direc¬ 
tor  at  vendor  Aruba  Networks. 

Having  an  office  Wi-Fi  network 
was  once  viewed  as  merely  a  con¬ 
venience  for  guests,  but  the  influx 
of  iPads  is  making  it  more  of  an  IT 
necessity,  Hockaday  said. 

Also,  now  that  people  carry  iPads 
with  them  and  connect  in  various 
places  in  an  office  building  -  not 
just  in  meeting  rooms  and  at  their 
desks  -  companies  have  to  rethink 
their  network  architectures  and 
cover  more  areas  of  their  buildings, 
Hockaday  added. 

-  MIKAEL  RICKNAS, 
IDG  NEWS  SERVICE 
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Our  business 
is  to  secure 
your  business. 


ESET  NOD32  Antivirus  4 

Fast,  Effective,  Proactive,  Antivirus  and  Antispyware 


§ 


Our  award-winning  ESET  NGD32®  Antivirus  is  the  faster,  smarter,  easier-to-manage 
defense  against  Internet  threats.  With  a  unified  management  console  that  scales  to 
support  small  and  large  business  networks,  ESET  NOD32  delivers  advanced  proactive 
protection  for  all  your  endpoints  across  Windows,  Mac  and  Linux  platforms. 


Experience  the  difference  foryour  business;  requesta  Free  Business  Edition  trial  at 

www.eset.com/business_trial 


m  A 


internet  Security 


©  2011  ESET,  LLC.  Ail  rights  reserved.  Trademarks  used  herein  are  trademarks  or  registered  trademarks  of  ESET,  LLC. 
All  other  names  and  brands  are  registered  trademarks  of  their  respective  companies. 


The  difference  between 
\  networking  and  not  working. 

Some  systems  require  you  to  reconfigure  your  network  infrastructure 
to  match  their  standards.  Not  the  IBM  BladeCenter®  with  Intel®  Xeon® 
processors.  It  offers  a  broad  range  of  networking  technologies— including 
some  of  the  most  advanced  virtualization  solutions  in  the  industry.  So 
you  can  choose  the  one  that  works  best  with  your  infrastructure.  And 
IBM  BladeCenter  can  save  you  up  to  40%  on  networking  costs  versus 
competitive  offerings.1 


Take  10  minutes  to  see  for  yourself. 

Learn  how  you  could  achieve  a  3-month  ROI  on  your  migration 
with  our  Systems  Consolidation  Tool.  Visit  ibm.com/systems/blade 

1.  The  40%  cost  savings  are  based  on  a  comparison  of  the  acquisition  costs  of  10  current  generation  HP  rack  optimized  solutions  (i.e,  DL380  G7  Proliant  with 
10  GbE  Ethernet  and  Fibre  Channel  infrastmcture)  to  10  current  generation  IBM  BladeCenter  and  HS22  systems  with  converged  fabric  solutions  from  Brocade. 
See  www-03.ibm.com/systems/bladecenter/hardware/openfabric/tcoe.htnnl.  The  IBM  solution  includes  chassis  infrastructure.  Pricing  utilizes  publicly 
available  pricing  per  port  for  ToR  etiiernet  and  FC  switching  infrastructure  as  of  Jan  2011.  The  40%  networking  hardware  costs  savings  result  from  eliminating 
separate  Ethernet  and  Fibre  Channel  cards  and  switches  in  the  deployment  of  an  IBM  BladeCenter  FCoE  solution  for  10  servers  and  associated  networking 
hardware  in  comparison  to  the  HP  solution.  IBM,  the  IBM  logo,  ibm.com  and  BladeCenter  are  trademarks  ot  International  Business  Machines  Corp,  registered 
in  many  jurisdictions  worldwide.  Other  product  and  service  names  might  be  trademarks  of  IBM  or  other  companies.  A  current  list  of  IBM  trademarks  is  available 
on  the  Web  at  www.ibm.com/legal/copytrade.shtml.  Intel,  the  Intel  logo  Xeon  and  Xeon  Inside  are  trademarks  ot  Intel  Corporation  in  the  US.  and  other  countries 
©  International  Business  Machines  Corporation  2011.  Atl  rights  reserved. 
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NEWS  ANALYSIS 

iPad  2  Provokes 
Anxiety  in  IT 

IT  executives  worry  that  corporate  workers 
adopting  the  new  consumer  technology  will 
expect  support  right  away.  By  Matt  Hamblen 


AS  CONSUMERS  AND  BUSINESS  USERS  flocked  to  buy 
the  new  iPad  2  earlier  this  month,  some  IT  executives 
were  cringing. 

Apple’s  latest  tablet  is  faster,  thinner  and  lighter 
than  its  predecessor  —  and  includes  two  cameras  and 
other  new  features  and  apps  that  IT  managers  say  will  lure  many 
corporate  workers  to  use  it  in  their  jobs. 

Thus  IT  personnel  know  they  will  have  to  devote  significant 
time  to  supporting  yet  another  popular  consumer  device. 

“I  have  coined  this  ‘the  tyranny  of  consumerization,’  ”  said 


Dave  Codack,  vice  president  of  em¬ 
ployee  technology  and  network  services 
at  TD  Bank  Financial  Group.  “The 
enterprise  is  not  dictating  technology 
with  these  devices;  the  revolt  is  coming 
from  the  end-user  community.” 

Codack’s  group,  which  supports  some 
81,000  workers,  is  already  testing  the 
original  iPad  device  for  various  business 
uses  while  laying  plans  to  test  the  iPad  2 
and  the  soon-to-ship  BlackBerry  Play- 
Book  tablet  from  Research  In  Motion. 

Codack  says  he’s  no  Luddite  and 
notes  that  TD  Bank’s  IT  staffers  “seem 
to  be  excited”  about  the  iPad  2’s  new 
dual  camera,  dual  processor  and  im¬ 
proved  graphics. 

“With  employees  using  these  devices  in 
their  day-to-day  lives,  it’s  inevitable  they 
will  expect  enterprise  support  to  eventu¬ 
ally  bridge  these  two  worlds,”  he  added. 

Analysts  say  that  companies  face 
huge  challenges  because  the  iPad  2  was 
not  made  with  IT  operations  in  mind. 

“Apple  did  not  address  this  at  all 
with  iPad  2,”  said  Jack  Gold,  an  analyst 
at  J.Gold  Associates.  “I  think  they 
missed  an  opportunity.” 

Gartner  analyst  Ken  Dulaney  added  that  Apple  encourages 
businesses  to  adopt  iPads  but  “has  no  intention  of  becoming  a 
Dell,  an  HP  or  Lenovo  as  far  as  enterprise  support.” 

Jude  Olinger,  CEO  of  The  Olinger  Group,  a  broad  user  of 
first-generation  iPads,  said  the  iPad  2  offers  potential  work¬ 
place  benefits  but  also  presents  IT  support  challenges. 

The  market  researcher  bought  284  first-generation  iPads  last 
April  to  conduct  shopper  surveys  at  134  U.S.  malls. 

Olinger  now  plans  to  buy  20  iPad  2  tablets,  partly  to  see 
whether  the  new  two-way  FaceTime  video  chat  capability  can 
enhance  the  process  of  conducting  surveys  remotely. 

Any  benefits  would  be  at  least  somewhat  offset  by  Apple’s 
lack  of  iPad  support,  which  had  slowed  the  research  firm’s 
initial  iPad  deployment  process,  Olinger  said. 

“The  hardest  thing  with  the  original  iPads  was  to  activate 
nearly  300  machines  at  one  time,”  he  said.  “[The]  four  people 
working  activations  could  only  get  40  done  a  day. 

“If  Apple  could  get  their  enterprise  [act]  together,  they  could 
give  Microsoft  a  run  for  their  money,”  Olinger  added.  “They  are 
backing  into  the  enterprise.” 

Gold  suggested  that  RIM’s  BlackBerry  PlayBook  tablet  could  be 
a  good  fit  for  companies  concerned  about  Apple’s  level  of  support. 

“End  users  love  the  concept  of  iPad,”  Gold  concluded.  “But  IT  ul¬ 
timately  has  to  deploy  and  pay  for  ongoing  device  maintenance  and 
control.  This  is  a  real  cost  that  users  don’t  usually  appreciate.”  ♦ 


they  could  give  Microsoft 


3  run  for  their  money.  -  ju©>v  k,  ceo,  the  olinger 
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REUTERS  /  LUCAS  JACKSON 


SMART.  SIMPLE.  SAFE 


Imation’s  RDX  Removable  Hard  Disk  Storage  system  delivers 


backup  and  restoration,  and  near-instant  data  access.  Simply  protect 


www.imatioh.com 
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MELCOR  code  analyzes 
Pw  severe  accidents  in 


nuclear  power  plants,  [the] 
progression  through  core  melting 
should  inadequate  cooling  be  available, 
and  the  release  to  the  environment 
should  containment  systems  fail. 

RANDALL  GAUNTT,  MANAGER,  SEVERE  ACCIDENT 
AND  CONSEQUENCE  ASSESSMENT  DEPARTMENT, 
SANDIA  NATIONAL  LABORATORIES 


NRC  Aims  to  Meet 
Japan-like  Challenge 

Scientists  are  working  to  find  out  how  U.S. 
nuclear  plants  would  fare  during  a  disaster. 

By  Jaikumar  Vijayan  and  Patrick  Thibodeau 


MONTHS  BEFORE  the  nuclear  disaster  started  to 

unfold  in  earthquake-  and  tsunami-ravaged  Japan, 
scientists  in  the  U.S.  started  a  project  using  the 
latest  computing  technology  and  complex  model¬ 
ing  software  to  better  determine  potential  conse¬ 
quences  of  such  calamities  at  nuclear  plants  in  this  country. 

The  9.0  magnitude  earthquake  on  March  11  caused  heavy 
damage  at  multiple  Japanese  nuclear  plants,  and  fires  and  explo¬ 
sions  led  to  the  release  of  radiation  into  the  atmosphere,  forcing 
the  government  to  expand  evacuation  areas  and  prepare  to  deal 
with  thousands  of  potential  victims. 

Concerns  escalated  sharply  last  week  as  engineers  in  a  country 
known  for  its  expertise  in  nuclear  technology  scrambled  to  avert 
full-scale  meltdowns  in  power  plants  near  the  quake’s  epicenter. 
For  about  25  years,  researchers  from  the  U.S.  Nuclear  Regula¬ 


tory  Commission  have  been  engaged  in  projects  to 
better  understand  how  a  nuclear  reactor  would  behave 
in  a  severe  accident,  and  get  an  idea  of  the  potential 
consequences  of  a  release  of  radioactive  plumes. 

The  agency  sent  several  of  its  nuclear  experts  to  Tokyo 
last  week  to  provide  assistance  to  Japanese  officials. 

The  latest  NRC  project,  dubbed  State-of-the-Art 
Reactor  Consequence  Analyses,  or  SOARCA,  seeks  to 
“realistically  estimate”  the  overall  effect  of  a  leak  of 
radioactive  material. 

Launched  late  last  year,  SOARCA  expands  on  earlier 
projects  by  using  the  latest  computing  resources  and 
complex  modeling  software  to  generate  more  accurate 
and  realistic  accident  simulations,  say  NRC  officials. 

The  SOARCA  project  uses  a  pair  of  modeling  tools 
developed  by  the  U.S.  Department  of  Energy’s  Sandia 
National  Laboratories:  MELCOR  (Methods  for  Esti¬ 
mation  of  Leakages  and  Consequences  of  Releases), 
which  models  the  “progression  of  severe  accidents  in 
light-water  reactor  nuclear  power  plants”;  and  MACCS2 
(MELCOR  Accident  Consequence  Code  Systems  2),  for 
studying  the  potential  health  implications  of  an  accident 
involving  radiation  leaks,  said  Randall  Gauntt,  manager 
of  Sandia’s  severe  accident  and  consequence  assessment 
department. 

“MELCOR  code  analyzes  severe  accidents  in  nuclear 
power  plants,  [the]  progression  through  core  melting 
should  inadequate  cooling  be  available,  and  the  release 
to  the  environment  should  containment  systems  fail,” 
Gauntt  said. 

Meanwhile,  the  Southern  California  Earthquake  Center,  a 
consortium  of  more  than  60  universities  worldwide,  has  been 
using  the  U.S.  government’s  most  powerful  supercomputers  to 
examine  the  probabilities  of  earthquakes  and  the  damage  they 
could  cause. 

Thomas  Jordan,  director  of  the  center,  said  its  researchers 
estimate  a  99%  probability  that  a  magnitude  6.7  or  larger  quake 
will  hit  California  sometime  during  the  next  30  years.  Jordan  told 
Computerworld  that  high-performance  computing  systems  don’t 
have  the  ability  to  predict  such  an  event,  but  he  added  that  work 
is  under  way  to  improve  forecasting. 

A  7.2  magnitude  earthquake  in  Japan  that  occurred  on 
March  9  is  now  considered  a  foreshock,  but  had  it  not  been  for 
the  subsequent  9.0  magnitude  quake,  the  earlier  tremor  would 
have  been  considered  the  primary  seismic  event,  Jordan  said.  ♦ 
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REUTERS  /  HO  NEW 


AutoVirt  is  the  leading  provider  of  file  virtualization  and  data  mobility  software 
Use  AutoVirt  to  control  the  cost  of  storing  and  managing  file  data: 


©  Assess  your  file  storage 
©  Build  a  global  namespace 
©  Create  and  implement  a  tiering  strategy 
©  Consolidate  user  shares 


©  Migrate  data  without  disrupting  end  user  access 


To  learn  more  about  how  AutoVirt  can  help  you  assess,  organize,  and  manage 
your  storage,  sign  up  for  a  personal  product  demo: 

www.autovirt.com/virtual  lab 


Software  for  Data  Mobility  , 


W.  Craig 
Fugate 


The  FEMA  chief 
wants  to  use  mobile 
technology  to 
customize  alerts 
during  a  disaster. 


The  most  interesting  thing  people 
don’t  know  about  you:  I  kayak. 

The  riskiest  thing  you  ever  did: 

I  went  kayaking  during  a  tropical 
storm  in  Florida.  I  was  very  foolish. 

Your  favorite  vice: 

Coffee.  Large  quantities  of  it. 

My  staff  limits  my  intake  when  I  have 
to  do  public  speaking  or  they  can’t 
get  me  to  shut  up. 

Your  favorite  technology: 

Digital  cameras. 

Your  personal  philosophy: 

Live  in  the  moment.  I  don’t  worry 
about  the  past,  and  I  can’t  do  much 
about  the  future.  All  I  can  do  is  what 
I'm  doing  right  now.  In  a  disaster, 
that's  just  about  the  only  way 
to  maintain  your  sanity. 


BEFORE  BECOMING  administrator  for  the  Federal  Emergency  Management  Agency 
in  May  200 9,  Craig  Fugate  was  a  customer.  As  director  of  the  Florida  Division  of 
Emergency  Management,  he  oversaw  the  state’s  response  to  many  hurricanes. 
Since  coming  to  FEMA,  he  has  responded  to  disasters  such  as  the  tsunami  in 
American  Samoa  and  the  massive  floods  in  Tennessee  last  year.  Fugate  spoke  recently  about 
the  need  for  emergency  data  feeds,  how  social  media  can  play  a  role  in  disaster  response,  and 
his  vision  of  a  future  that  includes  a  proactive,  location-based  warning  system  that  contacts 
cell  phone  users  in  harm’s  way  and  provides  detailed  instructions  on  what  to  do. 

In  what  ways  does  FEMA  use  IT  to  accomplish  its  mission?  We’re  trying  to  change  the 
way  we’re  using  technology.  A  lot  of  the  things  we  were  doing  are  no  longer  relevant, 
particularly  when  we  look  at  things  like  GIS.  For  a  long  time,  the  attitude  here  was, 

Continued  on  page  16 
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1&1®  WEB  HOSTING 


Get  started  today,  call  1-877-GO-1AND1  www.1and1.com 


■  •;  ■  :  ■  lv; 

i  ....  ■'..  ./•":■  i/'-'J-'.,  V: 

'Offers  valid  for  a  limited  time  only.  12  month  minimum  contract  term  applies  for  web  hosting  offers.  Setup  fee  and.other  terms  and  conditions  may  apply.  Domain  offers  valid  fjrsT  year. standard 
pricing  applies.  Visit  www.1and1.com  for  full  promotional  offer  details.  Program  and  pricing  specifications  and  availability  subject  to  change  without  notice.  1&T  and  the/1  &j  logo  ac^trademgrtsof  JOT. Internet  AG, 
all  other  trademarks  are  the  property  of  their  respective  owners.  ©  2011  1&1  Internet,  fnc.  All  rights  reserved. 


1&1@  HOSTING  PACKAGES 

6  MONTHS 


FREE! 


As  the  world's  largest  web  host,  we  know  the  developer 
features  you  need  in  a  hosting  package! 


Need  more  domains? 

.info  domain  only  $0.99  first  year’ 
.com  domain  only  $4.99  first  year* 


More  special  offers  available  on 
our  website! 


Developer  Features 

Extensive  language  support  with  PHP  5/6  (beta)  with 
Zend  Framework  and  git  version  management  software. 


«§r 


\  \  -w 


Homepage  About  us  ; Portfolio  Solutions  Contacts 


.com 
info  .org 
.net 


Domains  Included 

All  hosting  packages  include  domains, 
free  for  the  life  of  your  package.  - 


Online  Marketing  Tools 

SEO  tools  to  optimize  your  website. 

1&1  Webstatistics  makes  it  easy  to  monitor  your  progress 


Green  Data  Centers 

We're  committed  to  hosting  your  site  with 
a  minimal  impact  on  the  environment. 


Print  Portfolio 


Unlimited  Traffic 

Unlimited  traffic  to  all  websites  in  your 
1&1  hosting  package. 


MEMBER  OF 


united 


internet 


OFFER  EXTENDED! 


1&1®  BUSINESS  PACKAGE: 

■  3  Included  Domains 

■  Private  Domain  Registration 

■  250  GB  Web  Space 

■  UNLIMITED  Traffic 

H  NEW:  Version  Management 
Software  (git) 

■  2,500  E-mail  Accounts 

■  50  MySQL  Database  (100  MB) 

■  25  FTP  Accounts 

■  E-mail  Marketing  Tool 

■  24/7  Toll-free  Customer  Support 


THE  GRILL  I  W.  CRAiG  FUGATE 


a  We're  trying 

to  figure  out 
how  to  get  into 
conversations 
with  the  public  without 
getting  into  one-on-one 
transactions,  which  would 
be  next  to  impossible. 


that  has  pertinent  headline 
event  that’s  occurring. 


Continued  from  page  14 
“Well,  we  use  GIS 
to  print  maps.”  You 
have  to  change  the 
mindset  of  the  man¬ 
agers  that  the  tools 
are  a  lot  more  power¬ 
ful  than  that.  That’s 
where  we  are  now, 
just  getting  people  to 
understand  it. 

We  have  a  Web 
page,  but  what  good 
does  it  do  in  a  disaster 
if  people  don’t  have 
Web  access?  But  they 
may  have  a  smart¬ 
phone.  So  we  did  a 
mobile  Web  page 
last  year.  It’s  really  a 
simple  page.  If  you’re 
in  a  disaster  area,  you 
don’t  want  to  see  our 
org  chart  and  you 
don’t  care  about  our 
mission  statement. 
What  you  want  to  do 
is  find  the  informa¬ 
tion  pertinent  to  the 
event  and  how  to 
prepare  against  that 
threat.  So  we  did  a 
very  stripped-down, 
low-bandwidth  page 
information  about  the  big 


FEMA  is  now  pushing  out  information  through  social 
media  channels  such  as  Twitter,  Facebook  and  a 
blog.  Are  you  looking  to  have  a  conversation  with 
peopie  during  a  crisis,  or  just  feed  them  informa¬ 
tion?  We  don’t  have  answers,  but  we  can’t  wait  for 
answers.  Nobody  has  come  up  with  a  blueprint  that 
says  this  is  how  social  media  must  and  will  be  used 
in  all  disasters,  because  it  changes  fast.  We’re  trying 
to  figure  out  how  to  get  into  conversations  with  the 
public  without  getting  into  one-on-one  transactions, 
which  would  be  next  to  impossible. 


Is  everyone  at  FEMA  on  board  with  social  media?  We 

still  run  into  the  naysayers  who  say  you  can’t  trust  the 
public,  you  can’t  do  this,  you’ll  have  bad  outcomes. 

I’ve  always  looked  at  it  the  other  way:  It’s  going  to 
happen,  and  you  need  to  deal  with  it. 

Are  you  planning  to  use  cell  phone  signals  to  locate 
victims  of  future  disasters  in  the  ll.S.?  Yes.  One  of 

the  lessons  learned  in  Haiti  was  that  a  lot  of  survivors 
were  merely  trapped  in  the  rubble.  They  weren’t 


injured,  but  they  were  trapped  for  relatively  long 
periods  of  time  —  far  beyond  what  we  had  seen  in 
many  other  types  of  earthquakes.  But  if  you  have  cell 
signals,  you’ve  got  a  better  chance. 

How  can  FEMA  use  technology  to  be  more  proactive? 

Two  things  are  happening.  One  is  the  evolution  of  the 
emergency  alert  system  under  the  Integrated  Public 
Alert  and  Warning  System.  It’s  in  the  implementation 
phase,  and  commercial  cell  phone  providers  will  have 
to  provide  emergency  alert  warnings  to  customers 
based  on  the  geographical  location  of  those  warnings. 
FEMA  and  the  FCC  have  been  working  for  some  time 
to  provide  geocoded  warnings  that  cellular  carriers 
would  release  based  on  the  locations  of  their  cell 
towers.  This  has  been  in  process  well  before  social 
media  got  going  and  is  just  coming  to  fruition. 

The  next  piece  is,  if  you’re  in  a  hurricane  warning 
area  and  an  evacuation  order  occurs,  wouldn  t  it 
make  sense  that  your  phone  could  tell  you  you’re  in  a 
warning  area,  and  this  is  where  you  need  to  go,  here’s 
turn-by-turn  directions  to  the  nearest  shelter,  all 
without  having  to  go  to  different  Web  pages? 

It’s  always  based  on  what  that  threat  means  to  you, 
and  the  directions  are  specific  to  what  your  needs 
are  — -  not  something  so  generic  that  it  may  not  even 
apply  to  you.  With  broadcast  information,  people 
don’t  always  hear  which  one  they  need  to  do. 

You’ve  had  some  interactions  with  volunteer  groups 
such  as  Random  Hacks  of  Kindness.  How  has  that 
worked  out?  They  said,  “Give  us  a  challenge,”  and  I 
said,  “[In  a  disaster],  wouldn’t  it  be  really  great  if  you 
had  one  app  where  I  could  just  hit  a  button  that  sends 
out  ‘I’m  OK,’  and  it  would  send  the  information  to  all 
of  my  lists,  whether  updating  my  Facebook  status  or 
Twitter  or  sending  a  text?  Just  one  button,  one  app, 
boom.”  So  they  did  that. 

In  the  future,  how  do  you  envision  FEMA  operating, 
and  what  role  will  technology  play?  I  want  to  tear 
down  the  walls  between  what  we’re  doing  with  our 
data  and  our  partners  and  the  public.  There’s  privacy 
issues  if  I’m  collecting  information  about  you  for  as¬ 
sistance.  I  need  to  keep  that  protected.  But  I’d  like  all 
of  the  things  we’re  doing  in  trying  to  help  people  be 
much  more  transparent. 

The  other  part  is  to  make  sure  we  have  data  feeds 
in  a  standard  format  so  we’re  not  seeing  data  entered 
at  multiple  points  repetitively.  We  get  information 
from  the  closest  place  where  it’s  shared,  so  we  don’t 
have  to  call  people  to  ask,  “How  many  shelters  do  you 
have  open?”  As  I  update  my  shelter  information,  I’m 
publishing  it,  and  you  should  see  it  in  your  GIS  maps. 
Those  are  the  kinds  of  things  we  need.  FEMA  can’t 
do  all  of  it,  but  at  least  we  can  be  the  catalyst,  the  grit 
that  makes  the  pearl. 


-  Interview  by  Robert  L.  Mitchell 
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Opteron 


the  possibilities  of  change 
computing  witn  The  power 
of  convergence,. 


HP  Converged  Infrastructure  unlocks  what's  next  with 
virtualization  on  HP  BladeSystem. 

Server  virtualization  has  cut  costs,  but  you  can  do 
more  with  the  simplest  way  to  connect  to  networks— 
HP  Virtual  Connect. 

With  HP  BladeSystem  featuring  HP  ProLiant  G7  servers 
powered  by  AMD  Opteron™  6100  Series  processors, 

HP  Virtual  Connect  lets  you  wire  once  so  you  can  make 
changes  in  minutes  rather  than  days,  cutting  complexity 
and  saving  time. 

HP  Virtual  Connect  can  deliver  up  to: 

•  95%  less  network  sprawl  at  the  server  edge 

*  65%  cost  savings  on  equipment" 

40%  lower  power  and  cooling  costs' 


Unlock  the  possibilities  with  a  free  copy  of 
HP  Virtual  Connect  for  Dummies f. 

»  hp.com/go/compIexity3 


HP  ProLiant  BL465c  G7  server 

•  Two  twelve-core  AMD  Opteron™  6100  Series  processors  installed 

•  16GB  of  memory  installed;  expandable  to  256GB 

•  HP  Smart  Array  P410i  Controller  with  1GB  Flash  Backed  Write  Cache  installed 

•  One  integrated  NC551i  Dual  Port  10Gb  FlexFabric  Converged  Network  Adapter 

•  Up  to  two  HP  hot  plug  small  form  factor  SAS,  SATA,  or  Solid  State  drives 

$4,509  (Save  $777) 

Lease  for  just  $1 10/mo.f 

fjSBM(PN:  630444-S01) 


‘For  detoils  on  claim  substantiations,  visit  hp.com/go/complevity3 

‘Prices  shown  are  HP  Direct  prices;  reseller  and  retail  prices  may  vary.  Prices  shown  are 
subject  to  change,  and  do  not  include  applicable  state  and  local  taxes  or  shipping  to 
recipient's  address.  Offers  cannot  be  combined  with  any  other  offer  or  discount  and  are 
qood  while  supplies  last.  All  featured  available  offers  in  U.S.  only.  Savings  based  on  HP 
published  list  price  of  configure-to-order  equivalent  (HP  Proliant  BL4o5c  G7  server.  $5,2oo 
-$777  =  SmartBuy  price  $4,509).  Financing  available  through  Hewlett-Packard  Financial 
Services  Company  and  its  subsidiaries  (HPFSC)' lo  qualified  commercial  customers  in  the  U.S. 
and  is  subject  to  credit  approval  and  execution  of  standard  HPFSC  documentation.  Prices 
shown  are  based  an  a  lease  48  months  in  term  with  a  fair  market  value  purchase  option  at  the 
end  of  the  term,  and  are  valid  through  December  31 ,  201 1 .  Other  charges  and  restrictions  may 
apply.  HPFSC  reserves  the  right  lo  change  or  cancel  this  program  at  any  time  without  notice, 

p  201 1  Hewlett  Packard  Development  Company,  L.P.  The  information  contained  herein  is 
subject  lo  change  without  notice.  The  only  warranties  for  HP  products  and  services  are  Set  forth 
in  tire  express  warranty  statements  accompanying  such  products  and  services.  Nothing  herqm  . 

should  be  construed  as  constituting  an  additional  warranty.  HP  shall  not  be  liable  tor  .technical. 

or  editorial  errors  or  omissions  contained  herein. 

AMD,  the  AMD  Arrow  logo,  AMD  Opteron,  and  combinations  thereof,  are  trademark  of  AMD 
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I  Want  My  iPad  at  Work! 


You  may  want 
to  get  users  to 
standardize  on 
one  platform, 
but  they’re 
determined 
to  go  their 
own  way. 


Steven  J.  Vaughan- 
Nichols  has  been 
writing  about 
technology  and  the 
business  of  technology 
since  CP/M-80  was 
cutting-edge  and 
300bit/sec.  was  a  fast 
Internet  connection  - 
and  we  liked  it! 
He  can  be  reached  at 
sjvn@vnal.com. 


OES  IT  SEEM  TO  YOU  that  everyone  and  his  brother  wants  to  bring 
his  own  gear  into  the  office  now?  You’ve  got  users  who  want  to 
bring  their  Apple  iPads  to  work,  and  others  who  want  to  use 
iPhones  or  Android  smartphones  instead  of  company-supplied 


BlackBerries.  And  someone  out  there  has  surely 
tried  to  bring  in  an  Xbox  Kinect  to  work  on  . . .  uh 
. . .  3D  motion  analysis?  Yeah!  That’s  the  ticket! 

OK,  so  maybe  no  one  has  managed  to  get  a 
Kinect  into  the  office,  but  people  are  always 
trying  to  bring  their  tech  toys  to  work.  As  Patrick 
Thibodeau  tweeted  from  this  year’s  Computer- 
world  Premier  100  IT  Leaders  conference,  “CIOs 
who  don’t  support  employee-owned  devices, 
smartphones,  iPads,  etc.,  may  be  a  minority:  i.e. 
dinosaurs.” 

This  isn’t  just  talk.  According  to  Nielsen,  Black- 
Berry  maker  RIM  is  in  a  dead  heat  with  Apple’s 
iOS  and  Google’s  Android  in  the  mobile  operating 
system  market,  but  it’s  losing  ground.  Forty-three 
percent  of  recent  smartphone  buyers  purchased 
an  Android  device,  while  26%  chose  an  iOS-based 
device  and  20%  opted  for  a  BlackBerry. 

Of  course,  some  employers  just  say  no  to  all 
personal  phones  and  tablets,  though  they  do  seem 
to  be  in  the  minority.  And  what  the  heck  is  a 
CIO,  CTO  or  anyone  in  IT  support  to  do?  Support 
multiple  platforms  with  the  same  budget?  That’s 
exactly  what  most  companies  seem  to  be  trying  to 
do.  But  there  are  no  serious  management  tools  that 
can  handle  iPads,  iPhones  and  Android  phones. 
Some  vendors  are  trying  to  offer  tools  that  do  that, 
but  no  one  has  emerged  as  a  market  leader. 

There  are  complications  beyond  that.  Google’s 
Android  Market  has  real  security  problems,  as  we 
have  painfully  discovered.  What’s  IT  supposed  to 
do?  Turn  off  the  app  store  functionality?  How? 
Remove  user-installed  applications?  I  don’t  think 
so.  Insist  that  users  run  only  approved  applications? 
Good  luck  with  that!  Insist  that  they  all  install  an 
antivirus  program  of  the  company’s  choosing?  Well, 


that’s  probably  doable,  but  it’s  not  perfect. 

The  problem  isn’t  just  the  IT  department’s, 
though.  Let’s  say  an  iPhone  user  gets  laid  off  and 
the  powers  that  be  want  all  corporate  e-mails  off 
of  his  phone  now.  How  do  you  deal  with  that? 
That’s  a  good  question,  and  I  don’t  have  a  great 
answer.  I  don’t  think  anyone  does  at  this  point. 

This  isn’t  the  first  time  we’ve  run  into  this  kind 
of  problem.  In  the  ’70s  and  ’80s,  the  first  PCs  that 
appeared  in  many  offices  belonged  to  employees.  IT 
tried  to  keep  us  on  mainframes  or  minicomputers, 
but  once  you  went  PC,  you  couldn’t  go  back. 

But  back  then,  IT  faced  an  influx  of  things 
running  CP/M  and  MS-DOS,  which  were  more 
or  less  compatible  with  one  another.  Today,  it’s 
several  different  platforms  —  phones,  tablets  and 
laptops  —  using  an  even  wider  variety  of  operat¬ 
ing  systems.  (Android  alone  had  four  different 
versions  at  last  count.) 

I  wish  I  had  an  easy  answer.  I  don’t.  You  may 
want  to  get  users  to  standardize  on  one  platform, 
but  they’re  determined  to  go  their  own  way  — 
apparently  with  corporate  data  in  their  pockets. 

There  wasn’t  a  solution  back  in  the  day,  either. 
Eventually,  for  better  or  for  worse,  IT  settled  on 
Microsoft  products  for  the  desktop,  and  then  for 
the  laptop.  I  don’t  see  that  happening  this  time. 
Microsoft’s  earlier  success  came  thanks  to  illegal 
pressure  on  PC  vendors.  In  this  go-round,  Micro¬ 
soft  is  barely  a  player  on  the  new  platforms,  Apple 
still  has  little  interest  in  the  business  market,  and 
everyone  else  is  doing  their  own  thing. 

It’s  going  to  be  a  rough  few  years  in  the  IT  busi¬ 
ness.  I’m  just  glad  that  although  I’ll  be  covering  it, 
I  won’t  be  in  it.  Good  luck,  guys  and  gals.  You’re 
going  to  need  it.  ♦ 
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Companies  in  various 
vertical  industries 
are  taking  tentative 
steps  toward  the 
savings,  and  risks, 


of  the  cloud. 

BY  BETH  SCHULTZ 


IT’S  BEEN  NEARLY  FIVE  YEARS  to  the  day  since 
Amazon  introduced  its  groundbreaking  Simple 
Storage  Service  —  or  S3,  as  it’s  more  commonly 
known.  But  despite  that  offering’s  track  record, 
many  enterprise  IT  executives  still  struggle  with 
the  notion  of  using  cloud-based  storage  services 
to  hold  their  corporate  data. 

Whether  they’re  in  manufacturing,  finance, 
healthcare  or  education,  IT  professionals  are  as  concerned 
as  ever  about  data  security  and  privacy,  with  regulatory 
compliance  weighing  heavily  on  their  minds,  so  they 
fret  about  sending  data  offsite.  Likewise,  they  wonder  if 
performance  will  be  adversely  affected  if  there’s  a  long 
distance  between  an  application  and  its  storage  site. 

For  reasons  such  as  those,  “we’re  really  not  seeing 
much  willingness  to  put  enterprise  data  in  the  cloud 
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yet,”  says  Gartner  analyst  Adam  Couture,  who  covers 
storage  services. 

That  isn’t  to  say  that  enterprises  are  shying  away 
from  cloud  storage  entirely.  Many  companies  in  verti¬ 
cal  markets  of  every  ilk  have  found  the  cloud  to  be  a 
perfect  fit  for  their  backup,  archival  and  file  data.  In 
other  words,  the  cloud  makes  sense  when  speed  of 
retrieval  isn’t  an  issue. 

And  Couture  says  the  perception  of  the  cloud’s  suit¬ 
ability  as  a  storage  medium  for  mission-critical  data  and 
applications  will  change  over  the  years,  as  enterprises 
grow  to  accept  public  cloud  computing  in  general. 

“If  you’re  running  Amazon  EC2  [the  company  s 
cloud  computing  service]  and  S3,  and  the  storage  is  the 
same  physical  location  as  the  server,  latency  becomes 
a  nonissue,  and  you  won’t  be  charged  every  time  you 
move  the  data,  because  it’s  local,’  he  says. 

Storage  That’s  Simple 

In  fact,  you  can  already  find  notable  organizations  using 
cloud  storage  in  a  variety  of  industries.  Turning  to  the 
cloud  is  a  logical  move  when  you’re  involved  in  distribut¬ 
ing  a  lot  of  data  to  a  Web  site,  perhaps  with  the  help  of 
a  content  delivery  network.  Indeed,  prime  examples  of 
cloud  storage  users  are  companies  in  media,  retail  and 
other  verticals  that  are  accustomed  to  finagling  content 
delivery  over  the  Web. 

“When  we  think  about  who’s  using  the  public  cloud 
for  storage,  it’s  really  those  like  media  companies  that 
have  need  for  fluctuating  storage,  and  a  lot  of  it.  They  go 
to  the  cloud,  plop  stuff  in  extra  storage  that  they  need  for 
a  certain  period  of  time  —  it’s  a  fluid  resource  for  them,” 
says  Ruthbea  Yesner  Clarke,  an  analyst  at  IDC. 

Streaming  media  is  the  perfect  use  case  for  public 
cloud  storage,  Clarke  adds. 

“That’s  extremely  storage-heavy.  It’s  constantly  being 
pinged,  but  it  also  involves  lots  of  peaks  and  valleys  and 
back-and-forth  flow  to  a  main  pile  of  storage,”  she  says. 

For  example,  PBS  Interactive  stores  90%  of  its  stream¬ 
ing  video  content  in  the  Amazon  S3  cloud.  “S3  is  brain- 
dead  simple  —  you  put  stuff  in  it  and  take  stuff  out  of  it,” 


Savings  a  Plus 

What  are  the  key  benefits 
of  cloud  storage? 


SOURCE:  CUCLixi 


Security  a  Worry 

What  are  the  key  drawbacks 
of  cloud  storage? 


Puts  our  data  at  risk 


Can’t  meet  our  regulatory 
compliance  mandates 


Costs  more 


Data  isn’t  as  readily  available 
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says  Drew  Engelson,  chief  architect  and  senior  director 
of  platform  development  at  PBS  in  Arlington,  Va. 

In  PBS’s  case,  S3  is  the  origin  server  for  media  assets 
that  get  delivered  via  Amazon’s  CloudFront  content  deliv¬ 
ery  network.  “We  put  the  high-bit-rate  original  files  on  S3 
for  permanent  storage  and  for  ingestion  into  transcoding 
workloads.  So  we’ll  drop  a  high-bit-rate  file  into  a  particu¬ 
lar  S3  bucket  that  is  being  monitored  by  a  transcoding 
service,”  he  says.  “The  transcoding  service  will  pick  up 
that  high-bit-rate  file,  transcode  it  into  our  final  output 
format  and  drop  those  into  a  different  S3  bucket.  F rom 
there  we  can  deliver  those  files  through  CloudFront.” 

It  would  have  been  possible,  but  difficult,  to  stream 
video  content  using  a  traditional  infrastructure,  ac¬ 
cording  to  Engelson.  “We  re  a  media  organization,  with 
a  goal  of  delivering  as  much  PBS  content  to  end  users 
as  possible.  We’ve  simply  found  that  this  is  one  way 
that  makes  it  easier  to  do  that,”  he  explains. 

Success  stories  like  that  have  helped  generate  inter¬ 
est  in  public  cloud  storage,  says  Couture.  After  all,  the 
model  does  come  with  considerable  positives  —  seal- 
ability  up  and  down,  pay-by-use  pricing,  vendor-provided 
management,  and  software  agnosticism.  Those  qualities, 
of  course,  are  particularly  appealing  to  lean  start-ups 
and  small  and  midsize  companies,  he  says. 

Gartner  is  projecting  100%  year-over-year  growth  in 
public  cloud  storage  services  for  the  next  five  years  — 
though  Couture  points  out  that  that’s  starting  from  a 
minuscule  base.  For  2011,  Gartner  projects  that  cloud 
storage  revenue  will  hit  $150  million  to  $200  million. 
“That  isn’t  an  extensive  neighborhood,”  Couture  says. 

For  example,  financial  services  companies,  by  nature 
conservative,  generally  aren’t  going  to  put  customer- 
specific  data  in  the  cloud,  says  Andrew  Reichman,  an 
analyst  at  Forrester  Research.  But  then  again,  he  adds, 
they  tend  to  be  big  companies  with  the  wherewithal  to 
build  their  own  data  centers  cost-effectively  and  there¬ 
fore  have  less  of  a  need  to  use  the  public  cloud. 

When  you  consider  public  cloud  storage  in  terms 
of  vertical  industries,  you  have  to  think  about  secu¬ 
rity  and  risk,  says  Reichman.  “Public  cloud  storage  is 
certainly  getting  a  lot  of  attention,”  he  says. 
“But  the  questions  are  about  where  it  can  fit 
down  the  road.  It’s  not  a  ready-to-go  thing.” 

Whether  public  cloud  storage  providers 
thrive  or  wither  away  may  depend  on  how 
well  they  understand  two  things,  Reichman 
says:  how  companies  in  different  industries 
use  data,  and  how  important  it  is  for  those 
companies  to  keep  their  data  secure. 

A  new  crop  of  cloud  providers,  includ¬ 
ing  Cirtas  Systems,  Nasuni,  Panzura  and 
StorSimple,  have  developed  gateway  storage 
products  designed  to  be  flexible  enough  to 
accommodate  enterprises’  varying  storage 
needs.  In  essence,  these  vendors  enable 
users  to  build  hybrid  clouds,  using  local 
caches  for  data  that  is  used  frequently,  must 

Continued  on  page  24 


22  COMPUTERWORLD  MARCH  21.  2011 


Cloud  by  Van  Gogh,  1890  Cloud  by  SunGard,  2011 


A  work  of  art  in  secure  computing. 

Building  a  better  cloud  takes  a  revolutionary  approach  to 
virtualization  that  goes  far  beyond  conventional  solutions. 
With  a  resilient  infrastructure  and  robust  security,  SunGard 
provides  maximum  protection  and  a  fully  managed  solution 
that  virtually  eliminates  the  risk  of  failure.  Navigate  the  cloud 
with  confidence  as  it  dynamically  scales  to  meet  your  needs. 
With  leading-edge  technology  and  a  staff  of  accomplished 
professionals,  SunGard  can  help  make  your  next  cloud 
computing  project  a  work  of  art. 


Download  the  white  paper 
"Building  a  Better  Cloud" 
at:  sungardas.com/cloud11 


©  2010  SunGard  SunGard  and  the  SunGard  logo  are  trademarks  or  registered  trademarks  of  SunGard  Data  Systems  Inc.  or  its  subsidiaries  in  the  U.S.  and  other  countries 
All  other  trade  names  are  trademarks  or  registered  trademarks  of  their  respective  holders. 


SPOTLIGHT 


;  '  ,.\r  -Mk' 

.  !.■  '  '  ■ 

•  .  t.  ■ 


Encryption  should  help 
relieve  any  concerns  about 
security  and  compliance  that 
IT  professionals  might  have 
when  they’re  contemplating 
public  cloud  storage  use, 
experts  say. 

“If  the  data  is  all  encrypted  and  the  keys  are 
managed  by  the  enterprise,  then  the  company  is 
pretty  much  protected  from  privacy  regulations 
like  PCI  and  HIPAA,”  says  Ted  Ritter,  an  analyst 
at  Nemertes  Research.  “Physical  location  of  the 
data  might  come  into  play  for  some  companies, 
but  really  the  key  is  to  encrypt." 

Gartner  analyst  Adam  Couture  agrees.  “I’ve 
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seen  companies  say,  ‘Oh,  we’re  HlPAA-compliant 
and  so  our  cloud  storage  provider  needs  to  be 
HlPAA-compliant,  too.  But  HIPAA  says  nothing 
about  the  architecture  of  the  storage  itself,”  he 
says.  “It’s  really  loosey-goosey.” 

What  that  means,  according  to  Couture,  is  that 
regulatory  concerns  might  affect  a  cloud  stor¬ 
age  decision,  but  the  No.  1  trepidation  is  really 
security.  “And  for  that,  all  I  can  say  is  if  you’re 
going  to  put  stuff  out  there,  you’d  better  encrypt 
it.  And  then  at  the  end  of  a  retention  period, 
throw  away  the  encryption  keys,”  he  says.  “Your 
data  might  still  be  sitting  out  there  on  Amazon, 
but  it’s  unusable”  if  it’s  encrypted. 

Amer  Khan,  senior  vice  president  of  product 
management  and  development  at  eGistics,  a 
Dallas-based  provider  of  hosted  document  man¬ 
agement  software,  agrees  that  it’s  important  to 
encrypt  data.  A  user  of  AT&T  Synaptic  Storage  as 


a  Service,  eGistics  encrypts  its  data  locally  and 
as  it  moves  into  the  storage  cloud. 

The  company  also  checked  out  AT&T’s  data 
centers  prior  to  committing  to  using  its  cloud 
storage  service.  “AT&T  is  SAS  70  Type  II-  as  well 
as  PCI-  and  HlPAA-compliant.  Those  are  impor¬ 
tant  to  us,”  Khan  says.  “Historically,  all  the  data 
was  under  our  control  and  management.  As  we 
give  that  up,  we  have  to  make  sure  all  the  same 
types  of  controls  are  in  place  and  that  we’re 
not  dropping  the  level  of  security  on  that  data. 
That’s  paramount  to  our  customers.” 

At  eGistics,  the  decision  to  use  cloud  storage 
was  part  of  a  move  to  cloud  computing  in  gen¬ 
eral;  it  also  uses  AT&T  Synaptic  Hosting.  That’s 
not  uncommon,  says  Ritter:  “First  you  make  the 
decision  to  do  cloud  computing,  then  you  figure 
out  how  to  handle  the  storage.” 

-  BETH  SCHULTZ 
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be  accessed  quickly,  requires  tight  security  or  is  other¬ 
wise  unsuited  for  the  cloud,  while  sending  the  rest  out 
to  public  storage. 

“If  a  service  provider  can  say,  ‘We  know  your 
workflow.  We  know  how  you  deal  with  your  custom¬ 
ers.  We  know  that  this  data  is  sensitive  and  that  data  is 
not,  and  we  propose  to  do  a  better  and  cheaper  job  of 
holding  the  nonsensitive  data  for  you,’  then  it’s  much 
more  viable  for  that  company  to  say,  ‘This  offering  will 
meet  your  needs,’  ”  Reichman  adds. 

Data  management  service  provider  Iron  Mountain,  for 
example,  has  added  an  onsite  storage  option  to  supplement 
its  Digital  Record  Center  for  Medical  Images,  a  cloud 
storage  service  for  medical  data.  The  combination  gives 
healthcare  organizations  greater  flexibility  in  crafting 
their  access  and  backup  processes,  says  Iron  Mountain. 

But  while  many  providers  claim  that  their  offerings 
enable  compliance  with  specific  regulatory  mandates, 
there  are  few  cloud  storage  services  that  are  truly 
oriented  to  specific  vertical  industries,  according  to 
Reichman.  “It  would  be  hard  for  me  to  say  that  there  is 
any  major  vertical  where  core  applications  are  moving 
to  the  cloud  yet,”  he  says. 

Cloud  Pays  Off  for  Accounting  Firm 

“Like  everybody  else,  our  storage  needs  are  very  diverse, 
and  there  are  many  different  reasons  for  putting  data 
in  the  cloud  or  not,”  says  Peter  Henley,  CIO  at  Clark 
Nuber,  a  Bellevue,  Wash.-based  accounting  firm. 

For  example,  the  company  has  solved  version-control 
problems  since  it  started  using  the  cloud  to  store  data 
that  Clark  Nuber  accountants  and  clients  closely 
collaborate  on,  he  says.  The  firm  keeps  its  data  in  Ama¬ 
zon’s  S3  cloud  and  has  a  file-sharing  application  from 
ShareFile  on  the  front  end.  That  setup  has  been  a  huge 
hit  with  users,  according  to  Henley. 


“We  tried  a  highly  collaborative  portal,  where  we’d 
have  contact  lists,  calendars,  tasks  and  all  that,  but 
nobody  used  it  —  and  we  still  needed  to  collaborate 
on  file  storage,  or  file  manipulation,”  he  explains.  “We 
needed  a  place  where  everybody  could  go,  and  this  is 
so  simple.  People  see  a  file,  they  download  the  file,  they 
put  it  back  and  we  pick  it  up.” 

When  Clark  Nuber  was  deciding  on  a  file-sharing 
provider,  security  was  a  prime  consideration.  “We 
needed  a  provider  that  was  large  enough  —  certainly 
larger  than  us  —  with  volume  on  its  side  so  it  could 
afford  a  much  more  secure  data  center  than  we  could,” 
says  Henley.  “Security  was  an  easy  call,  actually.  Secu¬ 
rity  is  going  to  be  much  better  at  a  place  like  Amazon 
than  it  is  at  Clark  Nuber  —  we  don’t  have  armed 
guards  outside  our  server  room,  if  you  get  my  point.” 

Clark  Nuber  clients  who  want  data  security  assur¬ 
ances  can  get  a  SAS  70  audit  report  from  Amazon,  as 
well  as  statements  from  ShareFile  and  Clark  Nuber 
itself  on  their  roles  in  the  security  chain.  “They’re  all 
different.  ShareFile  and  Clark  Nuber  don’t  provide 
physical  security  for  the  data;  Amazon  does  that.  Clark 
Nuber  doesn’t  provide  any  management  of  how  the 
data  gets  to  browsers;  ShareFile  does  that.  Neither 
Amazon  nor  ShareFile  assigns  users  or  has  access  to 
passwords;  Clark  Nuber  does  that,”  Henley  explains. 

Because  Clark  Nuber  doesn’t  audit  public  companies, 
it  doesn’t  have  to  take  into  account  U.S.  Securities  and 
Exchange  Commission  mandates.  But  it  does  anyway, 
Henley  says.  For  example,  it  ensures  that  data  is  encrypt¬ 
ed  while  in  transport  and  locked  down  while  at  rest,  and 
it  can  assess  audit  logs  should  a  breach  occur. 

Use  of  cloud-based  file-sharing  was  once  a  competi¬ 
tive  differentiator  among  accounting  firms,  but  that’s 
not  necessarily  the  case  anymore.  “Everybody’s  getting 
into  this  now,”  says  Henley. 

Continued  on  page  26 
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Education  Group  Goes  Off-campus 

For  WhippleHill  Communications,  which  provides  a 
hosted  Web  communications  platform  for  private  schools, 
the  need  for  a  better  backup  strategy  led  to  the  cloud,  says 
Doug  Smart,  IT  manager  at  the  Bedford,  N.H.,  company. 

Today  WhippleHill  backs  up  critical  data  using  a 
public  cloud  backup  service  from  Zetta.  The  company 
had  been  backing  up  those  files  to  disk  and  storing  them 
in  a  different  building  on  the  corporate  campus,  Smart 
says.  “We  decided  that  really  wasn’t 
offsite  enough  for  data  like  our  source 
code,  documentation  and  Wikis.  We 
needed  to  get  those  out  of  here,  and 
Zetta  made  it  easy,”  he  adds.  He  points 
out  that  Zetta  helped  WhippleHill  write 
automated  backup  scripts  and  that  it 
offers  Windows  sync  capabilities  and 
support  for  a  wide  variety  of  file  system 
protocols  —  including  Secure  Shell 
FileSystem,  which  WhippleHill  uses  for 
Linux  server  backups. 

Still,  Smart  says  he’s  not  ready  to 
entrust  highly  sensitive  data,  such  as 
human  resources  information  or  credit 
card  numbers,  to  cloud  storage.  And 
he  wouldn’t  change  his  mind  on  that 
before  thoroughly  investigating  Zetta’s 
policies  and  procedures  for  ensuring  that  its  custom¬ 
ers  can  meet  mandates  such  as  the  those  of  the  PCI 
Security  Standards  Council.  “Frankly,  I  haven’t  talked 
to  Zetta  about  encryption  on  its  end,  because  it  hasn’t 
been  important  for  what  we’ve  got  out  there  now,”  says 
Smart,  noting  that  the  data  is  encrypted  across  the 
wire  and  protected  by  passwords. 

Local  Government  Alleviates  Risk 

Brian  Moynihan,  IT  director  for  Clinton,  Mich.,  a 
small  town  20  miles  northeast  of  Detroit,  faced  similar 
data  storage  decisions. 

“Of  course,  we  do  the  industry-standard  backups, 
with  multiple  copies  on  RAID  drives  and  online  storage 
in  vaults.  But  ultimately  we  realized  the  township  in  and 
of  itself  is  a  centralized  location.  No  matter  how  many 
copies  of  data  I  have  in  buildings  around  the  township, 
in  the  face  of  a  natural  disaster,  we  still  have  a  single 
point  of  failure  in  terms  of  our  stored  data,”  he  says. 

A  year  and  a  half  ago,  Clinton’s  steering  committee 
began  exhaustive  discussions  about  how  best  to  address 
that  problem.  It  eventually  decided  to  turn  to  public 
cloud  storage,  but  at  that  time  the  most  readily  available 
options  were  consumer-oriented  offerings  from  Carbo- 
nite  and  Mozy,  Moynihan  says. 

“We  began  investigating  what  it  would  take  for  us  to 
do  honest-to-goodness  cloud-based  offsite  storage  but 
didn’t  initially  find  anything  that  provided  a  real  good 
fit  for  what  we  wanted  to  do,  which  was  to  have  an  ar¬ 
chived,  easily  accessible  offsite  copy  of  our  data,”  he  says. 
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Warming  Up 

Do  you  expect  to  move  your 
organization’s  storage  to  the  cloud? 

2011  2010 


SOURCE:  EXCLUSIVE  C0UPUURW0RLD  SURVEYS 
BASE:  166  IT  PROFESSIONALS,  2010,  63  IT 
PROFESSIONALS.  FEBRUARY  2011 


Then  officials  discovered  AT&T  Synaptic  Storage  as 
a  Service,  a  pay-as-you-go  storage  option  that  was  par¬ 
ticularly  attractive  to  the  revenue-strapped  municipal¬ 
ity,  Moynihan  says.  Although  the  township  hasn’t  yet 
begun  using  the  Synaptic  service  (Moynihan  says  key 
municipal  decision-makers  move  at  a  glacial  pace),  it 
intends  to  rely  on  it  for  daily  system  backups  and  opera¬ 
tional  backups  of  financial  management  applications 
and  other  systems  used  on  a  day-to-day  basis.  Later,  it 
will  use  Synaptic  for  long-term  archiving  of  documents 
such  as  death  records  and  property  deeds  that  must  be 
accessible,  essentially,  forever. 

With  the  daily  system  and  operational  backups, 
Moynihan  says,  compliance  isn’t  an  issue.  But  the  steer¬ 
ing  committee  has  concerns  about  the  archiving.  While 
the  Freedom  of  Information  Act  requires  that  much  of 
the  township’s  historical  data  must  be  readily  accessible, 
“that  doesn’t  mean  we  want  to  publish  everything  openly 
on  the  Web,”  he  says. 

When  choosing  a  public  cloud  storage  provider, 
Moynihan  says,  officials  had  to  consider  where  in 
the  world  the  data  might  be  kept.  “For  emotional  and 
political  reasons,  people  here  don’t  want  our  data  across 
borders,”  he  explains. 

For  example,  he  had  to  rule  out  Google’s  cloud 
storage  offering,  because  the  company  couldn’t 
guarantee  that  the  township’s  data  would  be  stored  on 
domestic  servers.  AT&T,  on  the  other  hand,  identified 
the  specific  data  center  that  would  hold  Clinton’s  data 
—  and  it  said  the  information  would  be  encrypted. 

Pharmaceutical  Firm  Trusts  the  Cloud 

At  AMAG  Pharmaceuticals,  storage  is  part  and  parcel  of 
a  cloud  computing  strategy  aimed  at  reducing  IT  costs 
and  optimizing  business  capabilities.  The  Lexington, 
Mass.,  biopharmaceutical  company  uses  Amazon’s  EC2 
infrastructure  and  S3  storage  services,  as  well  as  software- 
as-a-service  options  when  possible,  says  Nate  McBride,  ex¬ 
ecutive  director  of  IT.  “We’re  moving  all  of  our  storage  to 
that  environment,  in  two  buckets  —  for  files  and  e-mail,” 
he  says,  noting  that  the  company  uses  Egnyte’s  Cloud  File 
Server  on  the  front  end  for  files  and  Google  and  Postini 
systems  for  storage  and  archiving  of  e-mail. 

McBride  dismisses  common  concerns  about  cloud 
storage,  saying  he  trusts  the  vendors  to  provide  better 
data  security  than  his  small  organization,  and  he  notes 
that  AMAG  is  in  compliance  with  all  relevant  federal 
and  state  mandates,  including  the  Sarbanes-Oxley  Act. 
Simplistically  speaking,  he  says,  it’s  done  by  not  linking 
AMAG  and  its  personnel  with  the  respective  data  types. 

For  public  cloud  storage  users  like  McBride  and  PBS’s 
Engelson,  the  question  seems  to  be,  “What’s  the  fuss?” 

“Talking  about  S3  seems  so  mundane;  it  really  has 
become  something  that  I  don’t  worry  about,”  Engelson 
says.  “It’s  really  just  an  extension  of  what  we  do  —  we 
have  to  store  our  data  somewhere,  and  S3  is  our  stan¬ 
dard  for  that.”  ♦ 

Schultz  is  a  longtime  IT  writer  and  editor  in  Chicago.  You 
can  reach  her  at  bschultzs824@gmail.com. 
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Migrate  every  five  years.” 

That  might  sound  like  a  guideline 
for  dysfunctional  birds,  but  it’s 
actually  a  software  setting  that  the 
National  Film  Board  of  Canada 
uses  in  its  digital  archiving  system. 
“The  data  has  to  be  kept  for  infin¬ 
ity,  so  there  has  to  be  a  migration  process,”  says  Julie  Dutri- 
sac,  head  of  research  and  development  for  the  film  board  in 
Montreal,  which  preserves  13,000  Canadian  films.  “When 
you  get  into  the  digital  domain,  you  are  stuck  migrating.” 

Migration,  of  course,  means  moving  the  material 
to  new  storage  hardware,  because  the  old  hardware 
can’t  be  expected  to  last  much  more  than  five  years,  or 
because  of  expected  obsolescence. 

“Most  storage  products  have  a  five-year  warranty,  and 
most  users  are  in  the  practice  of  replacing  their  systems 
every  five  years,  with  infrastructures  becoming  com¬ 
pletely  transformed,  like  a  snake  shedding  its  skin,  in 
a  maximum  of  10  years,”  says  John  Monroe,  an  analyst 
at  research  firm  Gartner.  “But  it  has  to  be  done  without 
changing  any  data  bit.  People  are  terrified  about  it.  It 
keeps  IT  managers  up  at  night.” 

But  better  sleep  may  be  on  the  way  in  as  little  as 
five  years  because  researchers  are  working  to  develop 
storage  technology  that  should  be  reliable  for  decades 
rather  than  years,  slashing  the  need  for  migration. 


Racetrack  Memory 

Scientists  at  IBM,  for  example,  are  cooking  up  a 
technology  called  “racetrack  memory,”  which  consists 
of  microscopic  segments  of  U-shaped  nanowires  of 
ferromagnetic  material  suspended  vertically  in  CMOS 
chips.  Each  nanowire  carries  about  100  bits,  encoded  as 
nonvolatile  spots  of  magnetism. 

“I  think  it  will  be  the  storage  Utopia,”  says  Stuart 
Parkin,  an  IBM  fellow  at  the  Almaden  Research  Center 
in  San  Jose.  “There  are  no  trade-offs.” 

He  foresees  response  times  of  1  nanosecond,  rather  than 
the  tens  of  nanoseconds  of  today’s  system  DRAM.  The 
cost  should  be  on  par  with  that  of  disk  drives,  but  with  a 
millionfold  performance  advantage.  Meanwhile,  racetrack 
units  should  be  much  more  compact  than  hard  drives, 
since  they  don’t  need  a  motor  or  spindle,  Parkin  notes. 

“We  move  the  data  without  moving  any  atoms,”  he 
adds.  “There  is  no  mechanical  motion.  Instead,  we  are 
rotating  magnetic  moments,  i.e.,  the  direction  of  the 
magnetic  field.” 

The  expected  longevity  of  the  data  would  depend 
on  the  final  design  of  a  specific  racetrack  system  and 
could  extend  for  decades.  “Most  magnetic  devices  are 
designed  for  10  years,  and  ours  should  last  at  least  that 
long,”  Parkin  says.  But  he  predicts  that  few  people 
would  want  to  keep  any  system  longer  than  a  decade, 
due  to  the  pace  of  technological  progress. 

Parkin  expects  to  see  the  technology  on  the  market 
in  five  to  seven  years. 

IBM  has  other,  unspecified  research  projects  with  a 

Continued  on  page  30 


Today,  long-term  data  storage  requires 
constant  oversight.  But  researchers  hope 
cool  new  technologies  will  change  that 
soon.  BYLAMONTWOOD 
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XPERTS  AGREE  that  data  preservation  doesn’t  happen  by  itself  - 
and  this  will  remain  the  case,  even  with  any  future  long-term  non¬ 
volatile,  migrationless  storage  technology. 

“It  takes  a  lot  of  care  and  maintenance  to  keep  digital  information 
around,”  notes  Alistair  Veitch,  director  of  HP’s  Storage  and  Information 
Management  Platforms  Lab.  "To  do  it  right,  you  need  multiple  copies,  prob¬ 
ably  in  multiple  formats,  and  you  need  to  audit  them  periodically.” 

Multiple  formats  are  used  for  logical  preservation,  as  a  hedge  against  format  or  software 
obsolescence.  Many  organizations  archive  data  in  multiple  formats,  including  the  original 
format  and  an  image  format,  in  hopes  that  one  will  remain  interpretable,  says  Veitch. 

“Images  are  the  lowest  common  denominator,  and  I  think  a  straight  GIF  or  JPG  will  be  in¬ 
terpretable  decades  from  now,”  Veitch  says,  adding  that  some  organizations  also  use  PDF. 

.  Beyond  that,  the  archive  itself  needs  to  be  a  fully  documented,  open  system,  especially  the 
file  system  and  the  metadata  database,  so  that  someone  could  write  a  program  to  read  the 
information  in  a  future  environment,  adds  Molly  Rector,  chairman  of  the  board  of  the  Active 
Archive  Alliance  and  vice  president  at  archive  system  vendor  Spectra  Logic. 

"That  is  the  big  shift  -  the  solutions  were  all  proprietary  until  a  couple  of  years  ago,” 
Rector  says,  adding  that  newer  open  archiving  systems  often  aren’t  as  feature-rich  but 
may  be  significantly  less  expensive.  As  for  auditing,  even  if  the  storage  hardware  lasts  for 
decades,  there  must  be  ongoing  data-integrity  validation.  “You  can’t  just  let  it  sit  there  for 
50  years  and  trust  your  archives,”  says  Rector. 

Overall,  "there  is  no  one  piece  of  hardware  that  will  save  us,”  Veitch  adds,  “but  l  think  that 
we  will  get  solid-state  storage  that  will  last  for  decades,  and  I  hope  to  see  it  in  five  years.” 

-  LAMONT  WOOD 
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goal  of  developing  technology  that  could  store  data 
for  50  years,  adds  Doug  Balog,  IBM’s  vice  president  of 
storage  platforms.  But  “it’s  not  something  you’ll  be  able 
to  buy  tomorrow,”  he  cautions. 

In  the  meantime,  “long  term,  nothing  is  cheaper 
than  storing  things  on  tape,  and  we  continue  to  invest 
in  its  development,”  says  Bruce  Hillsberg,  head  of  IBM’s 
Research  Storage  Systems  Group  at  Almaden.  Recent 
research  indicates  that  tape  cartridge  capacity  can  be 
increased  by  a  factor  of  10,  to  35TB,  he  adds. 


Memory  Resistors 

Scientists  at  Hewlett-Packard  are  working  on 
technology  called  a  “memristor,”  or  memory 
resistor.  “We  think  that  memristor  data  will 
have  a  significandy  longer  shelf  life  —  20 
to  30  years  at  least,”  says  Alistair  Veitch, 
director  of  HP’s  Storage  and  Information 
Management  Platforms  Lab.  “The  lab  tests 
look  extremely  promising,  but  it’s  not  until 
we  have  a  couple  of  decades  of  experience 
that  we  can  say  that  it  is  more  durable  than 
other  magnetic  or  optical  media.” 

HP  defines  the  memristor  (discovered 
in  1971)  as  a  fourth  class  of  passive  circuit 


HP’S  ALISTAIR  VEITCH 
thinks  data  could  last  at 
least  20  to  30  years  on 
memristor  systems. 


component,  joining  the  resistor,  the 
capacitor  and  the  inductor.  A  memristor 
is  a  device  whose  physical  properties 
display  a  “memory”  of  the  nature  of 
the  last  current  to  flow  through  it  and 
therefore  can  be  used  to  encode  and 
store  data  in  a  nonvolatile  fashion. 

Last  August,  HP  announced  a  joint 
development  agreement  with  Hynix 
Semiconductor,  a  South  Korean 
memory  supplier,  to  bring  memris¬ 
tor  products  to  market  in  the  form 
of  resistive  random-access  memory, 
or  ReRAM.  HP  has  said  the  ReRAM 
devices  can  be  made  with  existing 
semiconductor  manufacturing  process¬ 
es  and  should  be  competitive  with  flash 
memory  in  terms  of  price,  but  with 
higher  density  and  faster  speeds.  Veitch 
adds  that  the  memristors  also  have  the 
potential  to  be  used  as  RAM  replace¬ 
ments.  “Of  course,  there  are  caveats 
around  proving  their  manufacturabil¬ 
ity,  endurance,  etc.,  that  are  part  of  our 
ongoing  work  to  show  feasibility,  but 
we’re  cautiously  optimistic,”  he  says. 

Veitch  says  ReRAM  products  should 
start  showing  up  on  the  market  in  2013. 

But  the  ability  to  retrieve  data  after 
decades  would  be  pointless  if  reading  it 
required  software  that  had  become  un¬ 
available.  Storing  the  data  intact  is  called 
“bit  preservation,”  but  retaining  the  ability 
to  do  anything  with  it  is  called  “logical  preservation.” 

“Logical  preservation  is  much  harder  than  bit  pres¬ 
ervation,”  says  Balog.  An  automated  ability  to  translate 
data  to  other  formats  is  a  major  component  of  any 
archiving  system,  but  proprietary  formats  will  defeat 
such  software.  Consequently,  “there  is  not  going  to  be 
one  solution,”  Balog  cautions. 

Off-the-shelf  archiving  systems  are  available  to  auto¬ 
mate  part  of  the  preservation  task,  especially  data  migra¬ 
tion  in  response  to  set  policies.  The  National  Film  Board 
of  Canada  uses  a  system  called  Digital  Archive,  from 
Atempo.  In  fact,  says  Dutrisac,  the  board’s 
digitization  program  was  built  around  it. 

“Previously,  we  used  a  lot  of  backup  so¬ 
lutions,”  she  recalls.  “But  we  did  not  have 
a  way  to  catalog  the  files,  put  in  metadata, 
and  use  search  tools.” 

“Never  having  to  migrate  sounds  great 
—  everyone  is  dreaming  of  this,”  says 
Luisa  Frate,  chief  operating  officer  of  the 
National  Film  Board. 

For  now,  her  dream  remains  a  dream. 
Scientists  are  working  to  make  it  a 
reality,  but  for  the  next  few  years,  migra¬ 
tion  remains  the  answer.  ♦ 

Wood  is  a  freelance  writer  in  San  Antonio. 
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(GHG)  reduction  projects  including  forest  conservation,  safe  destruction  of 
ozone-depleting  refrigerants,  and  the  capture  of  methane  gas  from  dairy 
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To  make  participating  customers  carbon  neutral.  PG&E  may  enter  into  contracts  which  may  produce  greenhouse  gas  emission  reductions  two  or  more  years  into  the  future. 

"PG&E"  refers  to  Pacific  Gas  and  Electric  Company,  a  subsidiary  of  PG&E  Corporation.  ©201 1  Pacific  Gas  and  Electric  Company.  All  rights  reserved.  These  offers  are  funded  by  California 
utility  customers  and  administered  by  Pacific  Gas  and  Electric  Company  under  the  auspices  of  the  California  Public  Utilities  Commission.  E2737-AD-01 


SECURITY 


The  tidy  world  of  cryptography 
may  be  upended  by  the  arrival 
of  quantum  computers. 

BY  LAMONTWOOD 


N  THE  INDICTMENT  that  led  to  the  expulsion  of 
10  Russian  spies  from  the  U.S.  last  summer,  the 
FBI  said  that  it  had  gained  access  to  their  encrypt¬ 
ed  communications  after  surreptitiously  entering 
one  of  the  spies’  homes,  where  agents  found  a  piece 
of  paper  with  a  27-character  password. 

Continued  on  page  3 4 
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In  essence,  the  FBI  found  it  more  productive  to  bur¬ 
glarize  a  house  than  to  crack  a  216-bit  code,  despite 
having  the  computational  resources  of  the  U.S.  gov¬ 
ernment  behind  it.  That’s  because  modern  cryptogra¬ 
phy,  when  used  correctly,  is  very  strong.  Cracking  an 
encrypted  message  can  take  an  incredibly  long  time. 

“The  entire  commercial  world  runs  off  the  assump¬ 
tion  that  encryption  is  rock-solid  and  is  not  break¬ 
able,”  says  Joe  Moorcones,  a  vice  president  at  SafeNet, 
an  information  security  vendor  in  Belcamp,  Md. 

That’s  the  case  today.  But  within  the  foreseeable 
future,  cracking  those  same  codes  could  become 
trivial,  thanks  to  quantum  computing. 

Before  learning  about  the  threat  of  quantum 
computing,  it  helps  to  understand  the  current  state  of 
encryption.  There  are  two  kinds  of  encryption  algo¬ 
rithms  used  in  enterprise-level  communications  secu¬ 
rity:  symmetric  and  asymmetric,  Moorcones  explains. 
Symmetric  algorithms  are  typically  used  to  send  the 
actual  information,  whereas  asymmetric  algorithms 
are  used  to  send  both  the  information  and  the  keys. 

Symmetric  encryption  requires  that  the  sender  and 
receiver  both  use  the  same  algorithm  and  the  same 
encryption  key.  Decryption  is  simply  the  reverse  of  the 
encryption  process  —  hence  the  “symmetric  ’  label. 

There  are  numerous  symmetric  algorithms,  but 
most  enterprises  use  the  Advanced  Encryption 
Standard  (AES),  published  in  2001  by  the  National 
Institute  of  Standards  and  Technology  after  five  years 
of  testing.  It  replaced  the  Data  Encryption  Standard 
(DES),  which  debuted  in  1976  and  uses  a  56-bit  key. 

AES,  which  typically  uses  keys  that  are  either  128 


or  256  bits  long,  has  never  been  broken,  while  DES 
can  now  be  broken  in  a  matter  of  hours,  Moorcones 
says.  AES  is  approved  for  sensitive  U.S.  government 
information  that  is  not  classified,  he  adds. 

As  for  classified  information,  the  algorithms  used  to 
protect  it  are,  of  course,  themselves  classified.  “They’re 
more  of  the  same  —  they  put  in  more  bells  and  whistles 
to  make  them  harder  to  crack,”  says  IDC  analyst  Charles 
Kolodgy.  And  they  use  multiple  algorithms,  he  says. 

The  genuine  weakness  of  AES  —  and  any  symmet¬ 
ric  system  —  is  that  the  sender  has  to  get  the  key  to 
the  receiver.  If  that  key  is  intercepted,  transmissions 
become  an  open  book.  That’s  where  asymmetric 
algorithms  come  in. 

Moorcones  explains  that  asymmetric  systems  are 
also  called  public-key  cryptography  because  they  use 
a  public  key  for  encryption  —  but  they  use  a  differ¬ 
ent,  private  key  for  decryption.  “You  can  post  your 
public  key  in  a  directory  with  your  name  next  to  it, 
and  I  can  use  it  to  encrypt  a  message  to  you,  but  you 
are  the  only  person  with  your  private  key,  so  you  are 
the  only  person  who  can  decrypt  it.” 

The  most  common  asymmetric  algorithm  is  RSA 
(named  for  inventors  Ron  Rivest,  Adi  Shamir  and  Len 
Adleman).  It  is  based  on  the  difficulty  of  factoring 
large  numbers,  from  which  the  two  keys  are  derived. 

But  RSA  messages  with  keys  as  long  as  768  bits 
have  been  broken,  says  Paul  Kocher,  head  of  security 
firm  Cryptography  Research  in  San  Francisco.  “I 
would  guess  that  in  five  years,  even  1,024  bits  will  be 
broken,”  he  says. 

Moorcones  adds,  “You  often  see  2,048-bit  RSA 
keys  used  to  protect  256-bit  AES  keys.” 

Besides  creating  longer  RSA  keys,  users  are 
also  turning  to  elliptic  curve  (EC)  algorithms, 
based  on  the  math  used  to  describe  curves, 
with  security  again  increasing  with  the 
size  of  the  key.  EC  can  offer  the  same 
security  with  one-fourth  the  computa¬ 
tional  complexity  of  RSA,  Moorcones 
says.  However,  EC  encryption  up  to  109 
bits  has  been  broken,  Kocher  notes. 

RSA  remains  popular  with  develop¬ 
ers  because  implementation  requires 
only  multiplication  routines,  leading 
to  simpler  programming  and  higher 
throughput,  Kocher  says.  Also,  all  the 
applicable  patents  have  expired.  For  its 
part,  EC  is  better  when  there  are  band¬ 
width  or  memory  constraints,  he  adds. 

The  Quantum  Leap 

But  this  tidy  world  of  cryptogra¬ 
phy  may  be  seriously  disrupted 
by  the  arrival  of  quantum 
computers. 

“There  has  been 
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ODAY’S  ENCRYPTION  ALGORITHMS  can  be  broken.  Their  security  derives 
from  the  wildly  impractical  lengths  of  time  it  can  take  to  do  so. 

Let's  say  you’re  using  a  128-bit  AES  cipher.  The  number  of  possible  keys  with  128 
bits  is  2  raised  to  the  power  of  128,  or  3.4xl038,  or  340  undecillion.  Assuming  no 
information  on  the  nature  of  the  key  is  available  (such  as  the  fact  that  the  owner 
likes  to  use  his  or  her  children’s  birthdays),  a  code-breaking  attempt  would  require 
testing  each  possible  key  until  one  was  found  that  worked. 

Assuming  that  enough  computing  power  was  amassed  to  test  1  trillion  keys  per  second,  testing  all 
possible  keys  would  take  10.79  quintillion  years.  This  is  about  785  million  times  the  age  of  the  visible 
universe  (13.75  billion  years).  On  the  other  hand,  you  might  get  lucky  in  the  first  10  minutes. 

But  using  quantum  technology  with  the  same  throughput,  exhausting  the  possibilities  of  a  128-bit 
AES  key  would  take  about  six  months.  If  a  quantum  system  had  to  crack  a  256-bit  key,  it  would  take 
about  as  much  time  as  a  conventional  computer  needs  to  crack  a  128-bit  key. 

A  quantum  computer  could  crack  a  cipher  that  uses  the  RSA  or  EC  algorithms  almost  immediately. 


The  situation  is  less  dire  with 
symmetric  encryption,  Mosca 
explains.  Breaking  a  symmetric 
code  like  AES  is  a  matter  of 
searching  all  possible  key  com¬ 
binations  for  the  one  that  works. 
With  a  128-bit  key,  there  are 
2128  possible  combinations.  But 
thanks  to  a  quantum  computer’s 
ability  to  probe  large  numbers, 
only  the  square  root  of  the 
number  of  combinations  needs  to 
be  examined  —  in  this  case,  264. 
This  is  still  a  huge  number,  and 
AES  should  remain  secure  with 
increased  key  sizes,  Mosca  says. 


-  LAMONT  WOOD 
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tremendous  progress  in  quantum  computer  tech¬ 
nology  during  the  last  few  years,”  says  Michele 
Mosca,  deputy  director  of  the  Institute  for  Quantum 
Computing  at  the  University  of  Waterloo  in  Ontario. 
Mosca  notes  that  in  the  past  15  years,  we  have  moved 
from  playing  with  quantum  bits  to  building  quantum 
logic  gates.  At  that  rate,  he  thinks  it’s  likely  we  will 
have  a  quantum  computer  within  20  years. 

“It’s  a  game-changer,”  Mosca  says,  explaining  that 
the  change  comes  not  from  improvements  in  the 
computer’s  clock  speed,  but  from  an  astronomical 
reduction  in  the  number  of  steps  needed  to  perform 
certain  computations. 

Basically,  Mosca  explains,  a  quantum  computer 
should  be  able  to  use  the  properties  of  quantum 
mechanics  to  probe  for  patterns  within  a  huge  number 
without  having  to  examine  every  digit  in  that  number. 
Cracking  both  RSA  and  EC  ciphers  involves  that  very 
task  —  finding  patterns  in  huge  numbers. 

Mosca  explains  that  with  a  conventional  computer, 
finding  a  pattern  for  an  EC  cipher  with  N  number  of  bits 
in  the  key  would  take  a  number  of  steps  equal  to  2  raised 
to  one-half  N.  As  an  example,  for  100  bits  (a  modest 
number),  it  would  take  250  (1.125  quadrillion)  steps. 

With  a  quantum  computer,  it  should  take  about 
50  steps,  he  says,  which  means  code-breaking  would 
then  be  no  more  computationally  demanding  than 
the  original  encryption  process. 

With  RSA,  determining  the  number  of  steps 
needed  for  a  solution  through  conventional  computa¬ 
tion  is  more  complicated  than  with  EC  encryption, 
but  the  scale  of  the  reduction  with  quantum  compu¬ 
tation  should  be  similar,  Mosca  says. 


Timing  Issues 

When  will  quantum  computing 
threaten  the  status  quo?  “We 
don’t  know,”  says  Mosca.  To  many 
people,  20  years  seems  a  long  way 
off,  but  in  the  world  of  cybersecu¬ 
rity,  it’s  right  around  the  corner. 

“Is  that  an  acceptable  risk?  I  don’t 
think  so.  So  we  need  to  start  figuring  out  what  alterna¬ 
tives  to  deploy,  since  it  takes  many  years  to  change  the 
infrastructure,”  Mosca  says. 

SafeNet’s  Moorcones  disagrees.  “DES  lasted  for  30 
years,  and  AES  is  good  for  another  20  or  30  years,”  he 
says.  Increases  in  computing  power  can  be  countered  by 
changing  keys  more  often  —  with  each  new  message,  if 
necessary  —  since  many  enterprises  currently  change 
their  key  only  once  every  90  days,  he  notes.  Every 
key,  of  course,  requires  a  fresh  cracking  effort,  as  any 
success  with  one  key  isn’t  applicable  to  the  next. 

When  it  comes  to  encryption,  the  rule  of  thumb  is 
that  “you  want  your  messages  to  provide  20  years  or 
more  of  security,  so  you  want  any  encryption  that  you 
use  to  remain  strong  20  years  from  now,”  says  I  DC’s 
Kolodgy. 

For  the  time  being,  “code-breaking  today  is  an 
end-run  game  —  it’s  all  about  snatching  the  user’s 
machine,”  says  Kolodgy.  “These  days,  if  you  pull 
something  out  of  the  air,  you  can’t  decrypt  it.” 

But  the  biggest  challenge  with  encryption  is 
making  sure  that  it’s  actually  used. 

“All  business-critical  data  should  be  encrypted 
at  rest,  especially  credit  card  data,”  says  Richard 
Stiennon  at  IT-Harvest,  an  IT  security  research  firm 
in  Birmingham,  Mich.  “The  Payment  Card  Industry 
Security  Standards  Council  requires  that  merchants 
encrypt  it  —  or,  better  yet,  not  store  it  at  all.  And 
data-breach  notification  laws  don’t  require  you  to 
disclose  your  lost  data  if  it  was  encrypted.” 

And,  of  course,  leaving  your  encryption  keys 
lying  around  on  slips  of  paper  can  also  turn  out  to 
be  a  bad  idea.  ♦ 

Wood  is  a  freelance  writer  in  San  Antonio. 
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THE  OTHER  QUANTUM 


IF  QUANTUM  TECHNOLOGY  jeopardizes  the  methods 
used  to  disseminate  encryption  keys,  it  also  offers 
technology  -  called  quantum  key  distribution,  or  QKD 
-  by  which  such  keys  can  be  simultaneously  generated 
and  transmitted  securely. 

QKD  has  actually  been  on  the  market  since  2004,  with  the 
fiber-based  Cerberis  system  from  ID  Quantique  in  Geneva. 
Gregoire  Ribordy,  the  firm's  founder  and  CEO,  explains  that  the  sys¬ 
tem  is  based  on  the  fact  that  the  act  of  measuring  quantum  proper¬ 
ties  actually  changes  them. 

At  one  end  of  an  optical  fiber,  an  emitter  sends  individual  photons 
to  the  other  end.  Normally,  the  photons  will  arrive  with  the  expected 
values  and  will  be  used  to  generate  a  new  encryption  key. 

But  if  there  is  an  eavesdropper  ori  the  line,  the  receiver  will  see  an 
error  rate  in  the  photon  values  and  no  key  will  be  generated.  In  the 
absence  of  that  error  rate,  the  security  of  the  channel  is  assured, 
Ribordy  says. 

However,  since  security  can  only  be  assured  after  the  fact  -  when 


TECHNOLOGY 

the  error 
rate  is  mea¬ 
sured,  which 
happens 
immediately 
-  the  channel 
should  be  used  to 
send  only  the  keys,  not 
messages,  he  notes. 

The  other  limitation  of  the  system  is  its  range,  which  currently 
doesn’t  exceed  100  kilometers  (62  miles),  although  the  company 
has  achieved  250  kilometers  in  the  lab.  The  theoretical  maximum  is 
400  kilometers,  Ribordy  says.  Going  beyond  that  would  require  the 
development  of  a  quantum  repeater  -  which  would  presumably  use 
the  same  technology  as  a  quantum  computer. 

QKD  security  isn’t  cheap:  An  emitter-receiver  pair  costs  about 
$97,000,  Ribordy  says. 


-  LAMONT  WOOD 
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Developing  a  Metrics  System 

Quarterly  reports  to  the  CIO  will  keep  him  aware  of  risks  in 
the  environment,  and  hopefully  will  reduce  those  risks. 


Metrics  can  have  a  very 
interesting  effect.  You 
just  have  to  present  them 
properly. 

I  spent  the  past  week 
deciding  which  metrics  I  want  to  collect 
and  present  to  the  CIO  on  a  quarterly 
basis,  and  how  I  will  present  them.  I’m 
using  Microsoft  SharePoint  to  collect  my 
metrics  and  will  export  the  results  to  an 
Excel  spreadsheet  so  that  I  can  create 
some  interesting  pivot  tables  and  charts. 
The  idea  is  that  I  simply  have  to  input 
the  data,  and  the  result¬ 
ing  presentation  will  be 
automated.  I  can  even  in¬ 
corporate  the  Excel  charts 
into  PowerPoint  so  that  I 
only  have  to  open  the  pre¬ 
sentation  each  quarter  and  the  data  will 
be  updated  automatically.  And,  if  I  can 
pull  it  off,  I  can  have  some  of  the  metrics 
automatically  populate  my  SharePoint 
list.  Gotta  love  automation! 

To  begin  with,  I’m  conducting 
discovery  scans  on  the  entire  enterprise 
to  identify  the  total  number  of  devices 
(beginning  with  PCs  and  servers)  con¬ 
nected  to  the  network.  I’m  using  Nessus 
to  conduct  these  scans,  since  it’s  a  fairly 
robust  independent  tool.  The  price  is 


reasonable  for  a  one-year  license,  and  it 
lets  us  scan  our  entire  address  range.  I’m 
also  using  Altiris,  which  is  a  Symantec 
tool  that  we  use  for  software  distribu¬ 
tion  and  reporting.  And  finally,  there’s 
Symantec  AntiVirus  Server  for  reporting 
on  antivirus  compliance. 

Initial  results  are  alarming.  Our 
company  has  about  3,000  workers 
(including  contractors).  You  would  think 
that  a  discovery  scan  of  desktops  would 
yield  about  3,000  unique  desktop-class 
PCs,  with  workers  who  are  not  in  the 
office  offset  by  those 
who  have  more  than 
one  PC.  Our  result: 
4,200  PCs!  Next,  I  gen¬ 
erated  a  report  to  see 
how  many  of  those  PCs 
have  the  Altiris  Agent  installed  so  that 
we  can  control  the  configuration.  Only 
2,400.  This  means  there  are  1,800  PCs 
whose  integrity  we  can’t  vouch  for.  And 
any  unmanaged  resource  represents  risk. 

I  did  the  same  for  servers.  I  obtained 
all  the  IP  address  spaces  for  each  data 
center  and  remote  office  and  conducted 
discovery  scans  of  all  resources  that 
looked  like  they  were  running  a  server 
operating  system.  The  result:  1,200 
servers  (including  virtual  machines). 


Trouble  I 

Ticket  J 

You  don’t 
know  where  some 
dangers  lurk  unless  you 
look  for  them. 


Develop 

a  regular  program 
of  metrics,  and  find  an 
interesting  way  to  present 
them  to  the  CIO. 


Next,  Altiris  reported  only  800  servers, 
leaving  400  that  we  know  nothing  about. 
And  30  of  those  servers  are  in  our  DMZ! 

Besides  reporting  the  ratio  of  managed 
to  unmanaged  devices,  I  will  be  report¬ 
ing  on  how  many  of  those  devices  are  in 
compliance  with  our  patch  management 
policy.  We  apply  Microsoft  patches  one 
month  after  they  are  released,  giving 
us  time  to  test  different  environments 
and  applications.  I’ll  also  report  on  the 
number  of  resources  that  are  in  compli¬ 
ance  with  our  antivirus/spyware  policy, 
meaning  they  have  the  most  updated 
software  and  pattern  file. 

And  finally,  I’ll  report  on  security 
events.  Why?  Because  I  need  to  show 
the  direct  correlation  between  security 
events  and  lack  of  compliance  in  order 
to  drive  change.  I  guarantee  that  unless 
you  have  other  compensating  controls  in 
place,  such  as  IPS  or  other  activity-block¬ 
ing  infrastructure,  incidents  rise  when 
resources  aren’t  patched  or  in  compli¬ 
ance  with  antivirus  policy. 

My  plan  is  to  report  to  the  CIO  every 
quarter  on  the  number  of  managed  and 
unmanaged  devices,  and  the  data  related 
to  patches,  antivirus  and  incidents.  This 
will  make  him  aware  of  the  status  of  the 
environment  (after  all,  the  CIO  is  ulti¬ 
mately  responsible  for  IT)  and  hopefully 
drive  change  in  our  risk  exposure.  Will 
I  be  the  most  popular  guy  in  the  room? 
Probably  not.  Are  these  metrics  relevant? 
Absolutely.  And  until  we  implement 
network  access  control  to  interrogate 
each  and  every  device  that  is  attached  to 
our  network,  we  will  continue  to  have 
issues  in  this  area.  ♦ 

This  week’s  journal  is  written  by  a  real 
security  manager,  “Mathias  Thurman,” 
whose  name  and  employer  have  been  disguised 
for  obvious  reasons.  Contact  him  at  mathias_ 
thurman@yahoo.com. 


I  need  to  show  the  direct  correlation  between  security 
events  and  lack  of  compliance  in  order  to  drive  change 
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The  Variables  Determine 
The  Value  of  Variable  Cost 


There  are  other 
advantages  to 
flexible  cost 
structures 
beyond  the 
financial  ones. 
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RECENT  COMPUTERWORLD  ARTICLE  asserted  that  “CFOs  like  the 
pay-as-you-go  economics  of  cloud  computing.”  And  in  uncertain 
economic  times,  many  companies  prefer  a  flexible  cost  structure 
that  lets  IT  rapidly  match  capacity  to  business  needs.  But  financial 
benefits  aren’t  the  only  advantages  of  these  setups. 


Demand  management.  IT  services  are  never 
free,  even  if  other  departments  aren’t  charged.  Un¬ 
fortunately,  when  there  is  no  budget  impact,  busi¬ 
ness  units  are  often  casual  about  the  IT  products 
and  services  they  consume.  They  demand  status 
symbols  like  iPads,  big  monitors  and  the  latest 
smartphones.  They  provide  minimal  justification 
for  requested  IT  applications.  They  fail  to  turn  off 
mailboxes  or  return  laptops  when  people  leave. 

Even  in  companies  without  chargeback  systems, 
equipment  leasing  and  cloud  services  offer  effective 
ways  to  track  usage  of  IT  services.  Most  provid¬ 
ers  offer  detailed  bills  that  track  consumption  by 
product,  service  and  business  unit.  IT  and  Finance 
can  collaborate  to  identify  business  units  with  high 
consumption  levels.  Most  finance  organizations 
are  happy  to  follow  the  money  in  this  way  and 
demand  justification  or  reduced  consumption. 

Physical  asset  tracking.  Fixed-asset  systems 
account  for  equipment  depreciation.  However, 
many  companies  have  a  difficult  time  tracking 
physical  devices.  Desktops  and  laptops  move 
around  in  order  to  support  staffing  changes 
and  organizational  realignment.  Server  centers 
regularly  reconfigure  equipment  to  accommodate 
workload  changes.  Processors,  memory  and  other 
components  are  often  altered  to  extend  a  system’s 
useful  life,  repair  faulty  equipment  or  increase 
user  productivity.  It’s  a  nightmare!  Worse,  disap¬ 
pearing  computer  equipment  increases  the  poten¬ 
tial  for  data  breaches. 

Leases  offer  a  compelling  rationale  for  demand¬ 
ing  that  business  units  track  equipment.  Equip¬ 
ment  must  be  returned  at  the  end  of  the  lease;  it 


must  be  tracked  accurately  or  the  company  will  be 
charged  for  lost  items.  (Even  if  lost  equipment  is 
not  charged  to  the  offending  business  unit,  IT  has 
a  strong  argument  for  the  CFO  for  budget  relief.) 

Technology  refresh.  The  point-of-sale  equip¬ 
ment  in  one  Fortune  500  company  was  so  old 
that  IT  had  to  scavenge  parts  from  used  POS 
stations  that  were  being  decommissioned  by  other 
companies  (often  searching  eBay  to  find  the  right 
models).  IT  then  invested  significant  time  and 
resources  to  repair  broken  POS  terminals.  Since 
IT  labor  was  not  charged  to  store  operations  but 
depreciation  for  new  POS  devices  would  be,  store 
operations  had  little  incentive  to  replace  the  old 
equipment.  Eventually,  the  CIO  convinced  the 
CFO  to  lease  IT  equipment,  eliminating  the  temp¬ 
tation  to  operate  expensive  and  obsolete  devices. 

Some  organizations  believe  that  fully  depreci¬ 
ated  equipment  is  free  in  a  way.  They’re  reluctant 
to  replace  it  even  when  its  maintenance  costs  are 
enormous  and  its  dated  capabilities  hamper  pro¬ 
ductivity.  In  contrast,  leasing  companies  upgrade 
equipment  at  predetermined  intervals,  conve¬ 
niently  eliminating  out-of-date  equipment  and 
battles  over  budgeting  for  technology  refreshes. 

Besides  financial  flexibility,  variable  cost 
mechanisms  provide  IT  with  an  effective  vehicle 
for  tracking  resource  consumption.  These  mecha¬ 
nisms  also  provide  many  of  the  controls  and 
decision-making  benefits  of  chargeback  without 
its  significant  investment  or  overhead.  Finally,  IT 
can  deflect  complaints,  attributing  the  imposed 
controls  to  the  leasing/cloud  company.  This  time, 
someone  else  gets  to  be  the  bad  guy.  ♦ 
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Q&A 

Steve  Watson 

The  managing  director 
of  the  Dallas  office  of 
executive  search  firm 

Stanton  Chase 
International  discusses 
changes  in  prospects  for  older  workers. 

As  the  U.S.  looks  to  address  its  fiscal  challenges,  how  likely 
is  it  that  we  will  see  an  increase  in  the  retirement  age?  I 

personally  believe  it  will  be  increased  for  various  entitlement  pro¬ 
grams,  with  grandfather  clauses  for  those  close  to  retirement  age. 

Many  older  IT  workers  who  have  lost  their  jobs  say  compa¬ 
nies  favor  hiring  younger  IT  workers.  If  the  retirement  age 
is  pushed  back  to  70  or  more,  will  these  people  just  spend 
more  years  underemployed?  I  am  seeing  an  openness  on  the 
part  of  employers  to  look  at  more  experienced  people  (those  in 
their  late  50s  and  early  60s)  who  demonstrate  energy  and  a  will¬ 
ingness  to  travel  and  do  what  it  takes  to  get  the  job  done.  I  think 
more  experienced  people  have  better  opportunities  today  than 
they  did  10  or  15  years  ago,  thanks  to  the  demand  for  experience, 
leadership  and  good  management  skills.  One  client  recently  told 
me  he  had  interviewed  a  candidate  who  was  in  his  early  70s. 


MORE  OLDER  AMERICANS 
ARE  WORKING 

The  percentage  of  Americans  age  55  or  older  who  are 
in  the  labor  force  has  been  on  the  rise  since  1993  and 
in  2010  exceeded  the  percentage  recorded  in  1975. 

For  older  workers  who  haven’t  reached  retirement  age, 

the  higher  rate  of 


Labor  participation 
rate  of  workers 


Year 

55  and  older 

1975 

34.6% 

1993 

29.4% 

2010 

40.2% 

SOURCE: 

THE  EMPLOYEE 

BENEFIT  RESEARCH  INSTITUTE'S 
ANALYSIS  OF  THE  U.S.  CENSUS 
BUREAU'S  DATA  ON  LABOR-FORCE 
PARTICIPATION 


labor  participation 
can  be  attributed  to 
an  increase  the  num¬ 
ber  of  women  in  the 
workforce.  But  the 
percentages  of  both 
men  and  women  in  the 
workforce  who  are  65 
or  older  has  grown. 
Education  level  has 
a  strong  correlation 
with  a  higher  labor- 
participation  rate. 


What  accounts  for  this  change?  Companies  tend  to  hire  younger 
to  get  a  return  on  investment.  A  younger  person  might  be  able  to 
contribute  for  10  to  15  years,  be  part  of  succession  planning  and  add 
bench  strength.  Nonetheless,  companies  today  are  recognizing  that 
if  they  can  get  five  to  10  years  of  good  performance,  then  the  invest¬ 
ment  is  good.  This  is  different  thinking  than  15  or  more  years  ago, 
when  companies  were  really  looking  for  more  long-term  commit¬ 
ment.  But  they  accept  the  reality  that  people  today  move  on  more 
quickly  than  they  did  in  the  past,  especially  the  younger  generation. 

Among  employers,  there’s  a  new  emphasis  on  developing  better 
retention  vehicles  and  a  culture  that  offers  work/life  balance  and  a 
more  purposeful  life  through  things  like  giving  back,  pursuing  green 
initiatives  and  conservation,  and  promoting  community  service. 

But  sometimes  a  company  has  a  pressing  need  that  can  best  be 
addressed  by  hiring  a  more  experienced  person.  The  company  may 
need  someone  who  can  quickly  grow  revenue,  enter  new  markets, 
take  a  new  product  to  market,  expand  globally,  develop  and  lead  a 
young  team,  implement  a  new  system,  integrate  a  new  business,  or 
leverage  new  technology,  and  may  feel  that  only  someone  with  a 
wealth  of  experience  can  deliver  what  is  needed.  The  company  may 
also  want  the  experienced  hire  to  mentor  and  develop  a  successor. 

An  example  from  my  practice  is  a  start-up  business  that  is  looking 
for  a  vice  president  of  sales  and  is  seriously  looking  at  an  experienced 
candidate  whose  age  is  around  60  and  who  has  industry  contacts, 
knows  the  distribution  channels  and  can  build  a  high-performing  team 
quickly.  The  client’s  interest  in  the  more  experienced  candidate  is 
to  get  revenue,  new  customers  and  a  team  quickly. 

-  JAMIE  ECKLE 


Where  the  Jobs  Are: 
Healthcare 

As  hospitals  gear  up  for  full  implementation  of  electronic  health  record 
systems,  they  are  facing  a  significant  shortage  of  qualified  IT  personnel. 

Accenture  conducted  a  study  on  EHR  implementation  and  concluded 
that  the  push  for  electronic  records  will  require  one  full-time  healthcare  IT  worker 
for  every  five  hospital  beds.  That  translates  into  a  need  for  roughly  155,000  full¬ 
time  healthcare  IT  workers  in  the  U.S.,  which  is  some  45,000  more  than  the  cur¬ 
rent  number  of  IT  professionals  in  healthcare,  according  to  a  Gartner  estimate. 


Number  of  additional  healthcare  IT 
workers  that  will  be  needed  in  the 
U.S.  over  the  next  five  years,  according 
to  the  Office  of  the  National  Coordinator  i 
for  Health  Information  Technology,  t 
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MARKETPLACE 


Q:  Want  to  reach  165,000  readers? 
A:  Place  your  ad  here 


The  Marketplace  section  of 


MVTBIWOMII 

For  more  information  contact: 

Enku  Gubaie 
508.766.5487 
egubaie@idgenterprise.com 
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LEGAL  NOTICE  OF  PROPOSED  CLASS  ACTION  SETTLEMENT 


THIS  IS  NOT  AN  ADVERTISEMENT  OR  ATTORNEY  SOLICITATION. 

THIS  NOTICE  MAY  CONCERN  YOUR  LEGAL  RIGHTS  IF  YOU  ACCESSED  AN  INTERNET  SITE  OPERATED  OR 
SERVICED  BY  DEMAND  MEDIA,  INC.,  HULU,  LLC,  JIBJAB  MEDIA,  INC.,  NBC  UNIVERSAL,  INC.,  NEWS  CORP.,  SCRIBD,  INC., 
VIACOM  INC.,  THE  WALT  DISNEY  CO.  OR  WARNER  BROS.  RECORDS,  OR  ANY  INTERNET  SITE  EMPLOYING  QUANTCAST, 
CLEARSPRING  OR  VIDEOEGG  TECHNOLOGIES  BETWEEN  JUNE  1,  2008  and  MARCH  3,  2011. 


This  Notice  is  being  published  because  a  settlement  has  been  proposed  by  all 
parties  in  the  following  class  action  matters  pending  in  the  United  States 
District  Court,  Central  District  Of  California,  Western  Division: 

In  Re  Quantcast  Advertising  Cookie  Litig.,  No.  2:10-cv-05484-GW 
Davis  v.  VideoEgg,  Inc.,  No.  2:10-cv-07112-GW 
In  Re  Clearspring  Flash  Cookie  Litig.,  NO.  2:10-CV-05948-GW 

WHAT  IS  THIS  NOTICE  FOR? 

This  Notice  is  being  published  by  order  of  the  Court,  before  the  Court  considers  final 
approval  of  the  proposed  Settlement,  and  is  meant  to  inform  you  of  actions  you  may  take  in 
response  to  the  proposed  Settlement. 

•  You  may  do  nothing  and  be  bound  by  the  Settlement,  if  the  Court  approves  it. 

•  You  also  may  object  to  the  proposed  Settlement,  or  opt  out  of  it,  by  following  the 
instructions  in  this  Notice. 

•  The  Court  will  hold  a  hearing  about  the  Settlement,  which  you  may  attend. 

This  Notice  summarizes  some  of  the  information  related  to  the  proposed  Settlement.  For 
more  details,  go  to  www.flashcookiesettlement.com. 

WHAT  ARE  THESE  LAWSUITS  ABOUT? 

Quantcast  Corporation,  Clearspring  Technologies,  Inc.,  VideoEgg,  Inc.  and  other  companies 
allegedly  deposited  browser  “cookies”  and  Adobe  Flash  Player  local  shared  objects  (LSOs) 
on  users’  computers  when  users  visited  any  of  tens  of  millions  of  pages  on  the  Internet. 
(VideoEgg  does  not  use  browser  cookies).  Browsing  programs  may  not  manage  LSOs,  so 
LSOs  may  be  deposited  even  when  users  set  their  browsers  to  block  browser  cookies. 
Plaintiffs  allege  that,  in  some  cases  with  some  defendants,  after  users  deleted  browser 
cookies,  information  from  LSOs  was  used  to  “respawn”  those  deleted  browser  cookies. 

The  Plaintiffs  allege  that  the  Defendants  and  their  affiliates  did  not  give  users  adequate  notice 
and  choice  about  their  use  of  LSOs.  The  Defendants  deny  this. 

WHAT  DOES  THE  SETTLEMENT  DO? 

The  proposed  Settlement  would  resolve  these  lawsuits  before  the  Court  takes  a  position  on 
which  side  is  right. 

As  part  of  the  Settlement,  Quantcast,  Clearspring,  and  VideoEgg  state  that  they  do  not  and 
will  not  use  LSOs  to  respawn  browser  cookie  information  to  serve  as  an  undisclosed 
alternative  to  browser  cookies  for  tracking  users  online,  or  otherwise  to  counteract  users’ 
decisions  to  block  or  delete  browser  cookies.  Other  defendants  and  their  affiliates  agree  to 
take  significant  future  measures  to  enhance  consumers’  online  privacy. 


This  is  not  a  Settlement  in  which  Class  Members  will  receive  compensation  directly.  Under  the 
proposed  settlement  agreement,  subject  to  Court  review  and  approval,  Quantcast,  Clearspring, 
and  VideoEgg  together  will  contribute  $3,225,000  to  two  Settlement  Fimds.  After  payment  of 
attorneys’  fees  and  costs  (no  more  than  $806,250),  small  payments  to  the  representative 
plaintiffs  and  administration  costs,  the  bulk  of  the  Settlement  Fund  will  be  distributed  among 
Court-approved  non-profit  groups  engaged  in  research  and  education  that  promote  consumer 
awareness  and  choice  regarding  privacy,  safety,  and  security  of  the  electronic  information. 

AM  I  AFFECTED? 

Quantcast,  Clearspring,  and  VideoEgg  technologies  have  been  used  on  tens  of  thousands  of 
web  pages,  including  the  heavily-trafficked  websites  of  the  Defendants  and  their  affiliates.  For 
these  reasons,  substantially  all  U.S.  persons  who  have  used  the  Internet  since  June  1,  2008, 
likely  are  members  of  the  class.  Clearspring  LSOs  can  be  identified  by  a  filename  of 

“clearspring.sol.”  Quantcast  LSOs  can  be  identified  by  filenames  that  include  _ qca.sol”  or 

“Quantserve.”  VideoEgg  LSOs  can  be  identified  by  filenames  that  include  “admanager.sol” 
that  originated  from  core.videoegg.com. 

WHAT  ARE  MY  OPTIONS? 

Do  nothing:  If  you  are  a  Class  Member  and  do  nothing,  you  will  be  legally  bound  by  the 
Settlement,  and  you  will  be  giving  up  the  right  to  sue  the  Defendants  or  their  affiliates  over 
claims  related  to  or  arising  out  of  the  use  of  LSOs. 

Opt  out:  If  you  do  not  want  to  be  legally  bound  by  the  Settlement,  you  must  exclude 
yourself,  as  to  Quantcast  and  Clearspring  by  May  13,  2011,  or,  as  to  VideoEgg,  by  June  10, 
201 1,  or  you  will  not  be  able  to  sue  the  Defendants  and  their  affiliates  for  the  claims  listed  in 
the  settlement  agreement. 

Object:  If  you  wish  to  object  to  the  terms  of  the  settlement,  you  must  file  your  objection  as  to 
Quantcast  and  Clearspring  by  May  13,2011,  or,  as  to  VideoEgg,  by  June  10,2011.  Only 
members  of  the  Settlement  Class  who  have  not  opted  out  may  object  to  the  settlement. 

Opt-out  elections  and  objections  must  be  received  no  later  than  the  above-stated  dates  at  this  address: 

Flash  Cookie  Settlement  Claims  Administrator 
c/o  Rosenthal  &  Company  LLC 
P.O.  Box  6177,  Novato,  CA  94948-6177 

Attend  the  settlement  hearings:  On  June  13,  2011,  at  9:30  a.m.,  the  Court  will  hold  a  hearing  ! 
to  consider  granting  final  approval  to  the  proposed  Settlement  as  to  Quantcast  and  j 
Clearspring.  The  Court  will  hold  a  hearing  as  to  the  VideoEgg  settlement  on  July  18,  201 1  at  j 
9:30  a.m.  You  do  not  have  to  attend  either  hearing. 

For  a  full  copy  of  the  Notice  of  Settlement  and  details  on  required  procedures,  i 
deadlines,  and  your  options  and  obligations,  visit  www.flashcookiesettlemem.com. 
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careers 


MphasiS  Corp  has  multiple 
openings  for  the  following  pro¬ 
fessional  positions  at  its  office  in 
NY,  NY  &  unanticipated  client 
sites  throughout  the  US: 

1.  Systems  Analyst:  Determine 
system  requirements  and  speci¬ 
fications, 

2.  Technical  Analyst:  Review 
system  and  develop  migration 
tools. 

3.  Systems  Specialist:  Analyze 
sys  w/solution  to  improve  capa¬ 
bilities. 

4.  Information  Systems  Mgr: 
Plan  &  coord  activities  of  soft¬ 
ware  professionals. 

5.  Mgmt  Analyst:  Analyze  bus 
process  through  app  of  software 
solutions. 

6.  Business  Development  Mgr: 
Determine  IT  services/products 
and  implement  business  plans. 

7.  Systems  Engineer:  Analyze, 
design,  test  and  maintain  soft¬ 
ware  apps. 

8.  Systems  Mgr:  Analyze  user 
needs  &  dev.  software  architec¬ 
ture  solutions. 

9.  Engineering  Mgr:  Coordinate 
and  direct  integration  of  IT  pro¬ 
ject  activities 

Must  have  Bachelor  or  Master 
or  equiv  &  prior  exp  in  job 
offered  or  rel  field.  Edu/exp  reqs 
vary  depending  on  position 
level/type.  Travel/relocation 
reqd.  Send  res.,  sal  history  & 
pos  applied  for  to:  recruitmen- 
tus@mphasis.com  or  460  Park 
Avenue  South,  Suite  #1101, 
New  York,  NY  10016.  Attn:  HR 
Manager  with  Ref:  CA0311 


Research  in  Motion 

Corporation  (US),  Redwood 
City,  CA,  positions  are  avail: 
CA4065  -  Software  Developer 
CA4061  -  Software  Quality 
Assurance  Specialist 
Research  in  Motion 

Corporation  (US),  Irving,  TX, 
positions  are  avail: 

TX4057  -  Hardware  Engg 
Designer 

Research  in  Motion 

Corporation  (US),  Raleigh,  NC, 
positions  are  avail: 

NC4070  -  Field  Test  Specialist 
Research  in  Motion 

Corporation  (US),  Rolling 

Meadows,  IL,  positions  are 
avail: 

IL4068  -  Sftwr  Developer, 
Team  Lead 

IL4064  -  Hrdwr  Designer 
Research  in  Motion 

Corporation  (US),  Bellevue, 

WA,  positions  are  avail: 
WA4069  -  Carrier  Tech  Mgr 
Submit  resume  to  Research  in 
Motion  Corporation  (US),  to  PO 
Box  141394,  Irving.  TX,  75014- 
1394,  ref  approp  job  title  &  req 
number. 


Project  Managers  needed  at 


unanticipated  client  sites  w / 


exp  using  J2EE  technologies 


or  Cloud  Computing  dvlpmt. 


Mail  resume  to:  Collabera, 


Attn:  Hireme.  25  Airport  Rd.. 


Morristown,  NJ  07960 


Prgrm  Mgrs  sought  by  Satyam 
Computer  Services,  Ltd.,  to 
oversee  &  manage  multi  IT  pro¬ 
jects  &  to  oversee  proj.  plan¬ 
ning,  dvlpmt,  implmtn,  acct  & 
delivery  mgmt;  IT  Proj.  Mgrs  to 
oversee  &  manage  IT  teams  w/ 
dvlpmt  of  various  sftwre  apps 
Sys.  Analysts/Programmers/ 
Sftwre  Eng.  to  dsgn,  dvlp,  & 
maintain  comp  sftware  apps 
through  all  phases  of  sftwre 
dvlpmt  life  cycle  (Sftwre  Eng 
may  also  lead  team  on  various 
projects).  Sales  Eng/Bus.  Anlyst 
for  solutions/pre-sales  activities 
w/industry  domain  knowl.Tech 
positions  may  req  BS  deg  in 
CS,  IT,  Engg.  or  rltd  fid  &/or 
relevant  industry  exp; 
Relationship  Mgrs.  to  manage/ 
outsource  commercial  IT/Eng 
deals  to  high  tech  organi¬ 
zations.  Dvlp  proposals  for  cus¬ 
tomized  IT  solutions.  Monitor 
client  projects,  negotiate  con¬ 
tracts  &  dvlp/manage  accts. 
Managerial  positions  req  MS  or 
BS  deg  in  CS,  IT,  Bus.  Admin, 
Engg  or  rltd  fid  &  relev.  industry 
exp.  Positions  based  out  of  NJ 
but  subject  to  relocation  to 
offices/client  sites  throughout 
US.  Mail  resumes  to:  HR, 
Satyam  Computer  Services 
Ltd.,  One  Gatehall  Dr.,  Ste.  301 , 
Parsippany,  NJ  07054. 


Sr.  Software  Consultant, 
Geneva,  NY:  Hudson  Data  LLC 
needs  exp.  professionals  to 
coordinate  design/development/ 
analysis/implement  business 
applications  in  heterogeneous 
environment  using  ASP.  Net, 
Computer  Telephony,  Linux, 
Envox  Scripting,  Dialogic  API, 
SQL  Server.  Formulate  require¬ 
ments  for  configuration  & 
responsible  for  managing 
Source  Code  using  CM 
Synergy  to  ensure  proper  func¬ 
tionality  of  delivered  appli¬ 
cations.  Assist  with  problem 
analysis  &  coordinate  migrating 
Visual  Applications  to  .Net 
architecture  from  existing  sys¬ 
tems.  Supervise  Programmer. 
Competitive  salary.  Send 
resume  to  Hudson  Data  LLC, 
122  N.  Genesee  Street,  Suite 
#302A,  Geneva,  NY  14456,  Attn 
HR-SC 


Programmer  Analysts:  Develop 
and  write  computer  programs  to 
store,  locate,  and  retrieve  spe¬ 
cific  documents,  data,  and  infor¬ 
mation.  Design,  develop  and 
Implement  the  next  generation 
IP  Platforms  using  tools  and 
software  with  back  end  data¬ 
bases  to  provide  an  integrated 
management  system.  Convert 
project  specifications  and  state¬ 
ments  of  problems  and  pro¬ 
cedures  to  detailed  logical  flow 
charts  for  coding  into  computer 
language.  Masters  in  CS, 
Eng(any),  Sci  (any)  reqd.  Any 
combination  of  education,  train¬ 
ing  &  experience  equal  to 
Masters  is  acceptable.  M-F 
from  9AM-5PM.  Offers  standard 
employment  benefits.  Apply  w/2 
copies  of  resume  to 
LANDMARK  TECHNOLOGIES 
INC.  421  7th  Ave,  Suite  1007 
NY,  NY  10001 


Research  in  Motion  Corporation 
(US),  Redwood  City,  CA,  posi¬ 
tions  are  avail:CA4051 
Product  Manager-Collaborative 
CA4058  -  Software  Quality 
Assurance  Specialist  CA4059  - 
Test  Automation  Developer 
CA4063  -  Software  Developer 

Research  in  Motion  Corporation 
(US),  Sunrise,  FL,  positions  are 
avail:  FL4055  -  Embedded 
Software  Developer  FL4066  - 
Radio  Verification  Specialist 

Research  in  Motion  Corporation 
(US),  Irving,  TX,  positions  are 
avail:  TX4052  -  IOT  Specialist 

Research  in  Motion  Corporation 
(US),  Cary,  NC,  positions  are 
avail:  NC4053  -  Software  Test 
Specialist 

Research  in  Motion  Corporation 
(US),  Rolling  Meadows,  IL, 
positions  are  avail:  IL4054  - 
Manager,  Digital  Forensics 

Research  in  Motion  Corporation 
(US),  Alpharetta,  GA,  positions 
are  avail:  GA4062  -  SAP 
Business  Intelligence  Technical 
Specialist 

Submit  resume  to  Research  in 
Motion  Corporation  (US),  to 
P.O.  Box  141394,  Irving,  TX, 
75014-1394  ref  approp  job 
title  &  req  number. 


Computer  Professionals  for 
(Hicksville,  NY)  IT  firm: 
Programmer  Analysts,  S/w 
Engs,  Sr.  S/W  Engs.,  Sr. 
Programmer  Analysts, 

Business  Analysts,  Sr.  Business 
Analysts,  QA.  Analysts,  Sr.  QA. 
Analysts  to  develop,  create  & 
modify  general  comp,  appli¬ 
cations  s/w  or  specialized  utility 
programs,  analyze  user  needs 
&  develop  S/w  solutions.  Apply 
w/2  copies  of  resume  to  H.R.D, 
Eureka  Infotech,  Inc,  76  N. 
Broadway,  Suite  4010, 
Hicksville,  NY,  11801 


Employment  opportunities  for 
NJ  based  IT  firm:  Software 
Engineers,  Programmer 

Analysts  needed.  Multiple  posi¬ 
tions  available  at  junior  and 
senior  levels.  Bachelor  or 
Master  degree  in  Engg. (any), 
Comp.  Sci,  Science(any),  MIS, 
CIS  or  Math  with  or  without 
experience  required  depending 
on  the  level  of  position.  Offer 
standard  employment 

benefits.Apply  w/2  copies  of 
resume  to  MCS  Giobal,  Inc., 
666  Plainsboro  Rd,  Suite  #  525 
Plainsboro.NJ  08536. 


Computer  Professionals  for 
(Trevose,  PA)  IT  firm.  Jr.  Lvl 
positions:  Programmer  Analysts, 
Software  Eng,  to  develop,  cre¬ 
ate  &  modify  general  comp, 
applications  s/w  or  specialized 
utility  programs,  analyze  user 
needs  &  develop  S/w  solutions. 
Sr.  Lvl  positions:  Sr.  S/w  Eng, 
Sr.  Programmer  Analysts  to 
plan,  direct  or  coordinate  activi¬ 
ties  in  such  fields  as  electronic 
data  processing,  information 
systems,  systems  analysis, 
business  analysis  &  comp,  pro¬ 
gramming.  Travel  and  relocation 
is  required  for  some  positions. 
Apply  w/2  copies  of  resume  to 
HRD,  Surya  Systems,  Inc.,  One 
Neshaminy  Interplex  Ste#101 
Trevose,  PA  19053 


Database  Design  Analyst. 
Design  physical/logical  data¬ 
base.  Develop  model  describ¬ 
ing  elements/usages.  Tools: 
C#.NET,  VB.NET,  ASP,  data¬ 
base  SQL  Server  2005  w/ 
Microsoft  Visual  Studio  2005 
Req.  MS/CS  or  Info.Tech.  w/1 
yr  exp.  Polaron  Tech. 
Chicago  area.  FAX  resume  to 
847-556-6054. 


ATTENTION... 

Law  Firms 
IT  Consultants 
Staffing  Agencies 


Are  you  frequently  placing  legal 
or  immigration  advertisements? 

Let  us  help  you  put 
together  a  cost-effective 
program  that  will  make  this 
time-consuming  task  a  little  easier! 

Place  your 

Labor  Certification  Ads  here! 


For  more  information 
contact  us  at: 


800.762.2977 

iTcareers 
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SHARK!/  NK 

TRUE  TALES  OF  IT  LIFE  AS  TOLD  TO  SHARKY  ; : ; 0 T i T I : T : !1 


top  row?  The  user  tried,  then  told 
me,  ‘It  still  didn’t  work.’  I  logged  on 
remotely  with  his  log-in  and  pass¬ 
word.  It  worked  fine  for  me.  I  asked 
the  user  to  try  again.  Still  no  luck  for 
him.  Then  he  asked  if  the  ’F’  in  front 
of  the  4  could  be  making  a  differ¬ 
ence.  What  ‘F’?  I  asked.  Turns  out  he 
was  using  the  top  row.  The  function 
keys.  It’s  all  working  fine  now.” 

Not  Her  Type 

Trouble  ticket  comes  in  from  a  new 
employee  who’s  having  problems 


logging  in.  “I  headed  down  to  where 
she  was,”  says  pilot  fish  who  answers 
the  call.  “When  I  got  there,  I  noticed 
she  was  sitting  at  a  supervisor’s  desk. 
She  told  me  that  he  said  it  was  OK 
for  her  to  use  his  PC,  since  they  didn’t 
have  a  spot  for  her  yet.”  Fish  tries  the 
password,  watching  the  screen  as  he 
types.  It  works  fine.  Now  you  try  it,  he 
says.  She  does  -  and  gets  an  error 
message  that  her  log-in  information 
is  incorrect.  Fish  tries  again,  and  it 
works.  User  tries  and  it  doesn’t  work. 
Try  it  again,  fish  says  -  and  this  time 


he  watches  her  hands  closely.  As  she 
types  a  character  at  the  lower 
left  side  of  the  keyboard, 
he  stops  her.  What 
letter  did  you  just 
type?  he  asks.  “0,” 
says  user.  Show 
me  the  “0”  key, 
says  fish.  She 
points  to  the 
lower-left  area 
of  the  keyboard 
at  the  “0”  key  - 
right  where  the 
“X”  key  should  be. 
“And  then  l  see  it!” 
fish  says.  “Eight  keys 
on  the  bottom  row  of 
the  keyboard  are  not 
what  they  should  be,  but 
spell  out  the  name  of  the  supervi¬ 
sor  who  uses  this  PC.  I  told  the  user 
that  there  was  a  problem  with  the 
keyboard  and  I’d  be  replacing  it.  After 
I  did,  she  no  longer  had  issues  log¬ 
ging  in.  As  for  the  supervisor,  he  got 
a  reprimand  for  modifying  company 
computer  equipment.” 

Unclear  on 
The  Concept 

This  company  has  a  standard  proce¬ 
dure  for  dealing  with  things  like  print¬ 
ers  that  need  supplies  -  and  judging 
from  calls  to  the  help  desk,  it’s  clear 
that  users  are  aware  of  it,  reports  a 
pilot  fish  there.  Fish:  Hello,  this  is  the 
help  desk.  User:  “The  printer  up  here 
needs  toner.”  OK,  what  printer  is  it? 
“It’s  the  HP  4050.”  All  right,  I’ll  be  up 
soon.  “I’ll  e-mail  the  help  desk  too, 
like  you  always  ask  us  to.” 


»  Sharky’s  asking  you  to  e-mail 
your  true  tale  of  IT  life  to  sharky® 
computerworld.com.  You’ll  score  a 
sharp  Shark  shirt  if  l  use  it. 


Just  Like  You  Told  Me 

User  has  been  issued  a  new  notebook  computer,  and  he  calls  this  support  pilot 
fish  when  he  can’t  log  in.  “The  user  told  me  his  password  wasn’t  working,”  fish 
says.  “He  explained  that  the  notebook  would  be  no  good  for  him,  or  the  pass¬ 
word  would  have  to  change.  Why?  I  asked.  ‘Because  I  can’t  enter  my  password,’ 
said  the  user.  ‘The  password  has  a  44  in  it  and  the  notebook  doesn’t  have  a 
keypad,  so  it  can’t  be  entered.’  Hmm,  I  said,  why  not  just  use  the  numbers  on  the 


CHECK  OUT  Sharky’s  blog,  browse  the  Sharkives  and  sign  up  for  home  delivery  at  computerworld.com/sharky. 
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IT,  the  Business  and 
The  Clash  of  Cultures 


While  business 
groups  need 
IT  more  than 
ever,  the  levels 
of  mutual  trust 
remain  low 
and  frustration 
remains  high. 


Paul  Glen  is  a 

consultant  who  helps 
technical  organizations 
improve  productivity 
through  leadership, 
and  the  author  of 
the  award-winning 
book  Leading  Geeks 
(Jossey-Bass,  2003). 
You  can  contact  him  at 
info@paulglen.com. 


AFTER  MORE  THAN  10  YEARS  of  focusing  on  the  organizational, 

structural  and  managerial  issues  inside  technical  groups,  I’ve  start¬ 
ed  shifting  my  attention  to  the  boundaries  of  our  groups,  to  the  re¬ 
lationship  between  IT  and  the  rest  of  the  business. 


And  after  months  of  research  and  talks  with  IT 
leaders,  what  has  surprised  me  most  is  how  little 
progress  we  seem  to  be  making  in  improving  our 
external  relationships.  While  business  groups 
need  IT  more  than  ever,  the  levels  of  mutual  trust 
remain  low  and  frustration  remains  high. 

I  think  there  are  some  important  things  we 
need  to  recognize  to  make  more  progress. 

There  is  no  such  thing  as  “the  business-IT 
relationship.’'  We’ve  developed  shorthand  phrases 
for  discussing  our  relationships  with  the  various 
consumers  of  technology  we  serve.  Because  our 
users  are  so  diverse,  we’ve  needed  a  way  to  con¬ 
ceptualize  us  and  them  in  a  simple  way.  But  this 
is  a  dysfunctional  oversimplification.  There  is  no 
one  who  self-identifies  as  “the  business.” 

There  are  a  variety  of  functional  groups  within 
our  organizations  that  use  our  products  and 
services,  but  they  are  quite  different  from  one 
another.  Finance  groups  are  not  like  sales  groups. 
Logistics  groups  are  not  like  marketing.  Manufac¬ 
turing  is  nothing  like  human  resources.  Our  rela¬ 
tionships  with  all  need  to  be  tended  differently. 

The  most  difficult  challenges  in  these  relation¬ 
ships  are  cultural  rather  than  technical  or  proce¬ 
dural.  The  methods  we  have  been  using  to  try  to 
work  more  effectively  with  our  consumers  all  have 
one  thing  in  common:  They  focus  on  everything 
other  than  the  relationship  itself.  Think  about  it. 
IT  governance  and  portfolio  management  focus 
on  using  processes  to  improve  the  relationship. 
Project  management  focuses  on  tasks. 

These  are  all  important,  but  they  minimize  the 
human  part  of  the  equation.  The  biggest  chal¬ 


lenges  are  cultural,  not  procedural  or  technical. 
The  groups  we  serve  have  different  subcultures 
from  ours,  and  the  clash  of  these  cultures  leads  to 
miscommunication  and  an  inability  to  understand 
one  another’s  priorities. 

The  cultural  clash  between  IT  and  each  func¬ 
tional  unit  is  complicated  by  their  response  to 
technology,  and  not  just  to  us.  Business  relation¬ 
ships  are  about  more  than  the  sum  of  the  activities 
and  services  exchanged  between  individuals  and 
groups.  There  are  feelings  involved.  And  the  feel¬ 
ings  that  IT  consumers  have  about  us  are  not  just 
about  us.  It’s  difficult  for  them  to  separate  their 
feelings  about  technology  from  those  about  the 
people  who  select,  build  and  support  it  for  them. 

I’m  sure  we’ve  all  seen  cases  in  which  users  resist 
a  new  technology.  This  is  usually  attributed  to  fear 
of  change,  but  this  is  just  an  oversimplification  and 
is  dismissive  of  their  concerns.  They  often  resist  new 
technology  because  it  violates  some  aspect  of  their 
deeply  held  beliefs  about  how  the  world  does  or 
should  work.  It  conflicts  with  their  priorities  or  their 
assumptions  about  their  role  in  the  organization. 

These  are  culture  conflicts  of  a  different  sort, 
but  culture  conflicts  nonetheless.  Rare  are  the  IT 
consumers  who  can  articulate  their  unhappiness 
with  the  technology  itself  rather  than  with  those 
of  us  deemed  responsible  for  bringing  it  to  them. 

If  we  are  going  to  progress  in  the  hard  work  of 
building  and  maintaining  cross-functional  rela¬ 
tionships,  we  need  to  start  thinking  more  about 
our  own  culture  and  those  of  our  users.  Now  that 
IT  is  ubiquitous,  we  must  acknowledge  the  human 
challenges  that  delivering  technology  brings.  ♦ 
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From  the  editors  of  CIO ,  Computerworld,  lnfoWorld&  Network  World- 

Your  Strategic  Guide  to 
Operationalizing  Cloud 

Explore  how,  when  and  where  to  use  cloud  to  enrich  your  IT  portfolio 
and  make  your  business  more  agile,  with  the  original  editorial  content 
exclusively  featured  in  this  Strategic  Guide  to  Operationalizing  Cloud. 

We  know  you  enjoy  and  trust  the  information  you  get  from  CIO, 
Computerworld,  InfoWorld and  Network  World.  Now  lookforthe  digital 
magazine  -  a  new,  targeted  information  resource  that  combines  these 
editorial  forces! 

Delivered  straight  to  your  in-box  or  available  online  at: 

www.computerworld.eom/s/pages/digital_cloud 

Debuting  March  28, 2011. 
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Netezza. 

Up  and 
running  in 
24  hours, 
not  24  days. 

Get  set  up  in  hours  instead  of  days,  and  start  counting  returns  in 
minutes  instead  of  hours.  All  with  IBM’s  Netezza  data  warehouse 
appliance  for  high-performance  analytics.  It  gives  you  analytics 
reports  at  supersonic  speeds.  At  a  fraction  of  the  cost  of  Oracle 
Exadata.  Get  real,  actionable  business  results  fast. 

ibm.com/facts 


COST  companson  based  on  publicly  available  information  as  of  2flQ/20ll  for  an  Oracle  Exadata  X2-2  HP  Fun  Rack  and  a  full  rack  of  Netezza  TwtnFm.  The  cost  to  acquire  Netezza  can  be  as  low  as  1/6  of  Exadata  if  a  client  is 
acquiring  new  Oracle  dataoase  licenses  and  as  low  as  V2  if  using  existing  Oracle  database  licenses  IBM  the  IBM  iogo  ibmcom.  Smartef  Planet  and  the  planet  icon  are  trademarks  of  Internationa)  Business  Machines  Corp. 
registered  in  many  jurisdictions  worldwide  Other  product  and  service  names  might  be  trademarks  of  IBM  or  other  companies  A  current  fist  of  IBM  trademarks  is  available  on  the  Web  at  wwwjbmcom/lega!  copy  trade  shtml 
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